SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI boot



    Douglas Otis wrote:
    > If there already is a means of discovering either LDAP or SLP in conjunction
    > with DCHP together will some security features defined within the PXE
    > specification, then adding iSCSI specific information is not really
    > required.  If you assume there is security present within LDAP and there is
    > a defined schema, the ability to retrieve information related to things like
    > ISID, Initiator Name, Target Name, mount point, etc can be made available
    > through those standard services with security providing the initial filter.
    > LDAP can store state as it is commonly used to keep password counts and the
    > like. It is not a direct property of LDAP, but a well structured schema
    > should make this task easier.  I know that I will hear, "Send in the Draft"
    > but until there is consensus as to what is needed and how it is to be used,
    > it would be a likely futile venture.
    
    I think you are over complicating things Doug. We already have a well
    defined
    standard for Network Adapters to discover their identity and their
    "root"
    storage device using DHCP.  All that is really needed by the IPS WG is
    to define
    the syntax and semantics of the string that indicates where the iSCSI
    target is.
    
    While LDAP provides a lot of features and can easily be used as the
    directory
    service behind a DHCP server (and in fact is often is), it is highly
    unlikely
    that vendors will embed LDAP into the PROMs of their adapters to
    retrieve
    a simple string that can just as easily be served using their existing
    DHCP/PXE
    PROMs.
    
    Security is actively being worked on the the DHCP community so that
    is something that iSCSI can leverage.
    (draft-ietf-dhc-authentication-16.txt)
    
    So I won't say "Send in a Draft" but instead "The IESG won't let us
    reinvent existing protocols".
    
    	-David
    


Home

Last updated: Tue Sep 04 01:04:37 2001
6315 messages in chronological order