|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI Login QuestionsSteve, comments in text - Julo Steve Senum <ssenum@cisco.com> on 19-07-2001 23:28:55 Please respond to Steve Senum <ssenum@cisco.com> To: ietf-ips <ips@ece.cmu.edu> cc: Subject: iSCSI Login Questions Julian: Is the following valid (taking into account the changes requested from the UNH Plugfest)? I: Login: AuthMethod:none SecurityContextComplete=Yes I would assume not, that the initiator must wait until after the initial exchange of the AuthMethod, HeaderDigest, and DataDigest keys to send the SecurityContextComplete key. +++ It is correct because either the target will answer with T->Login AuthMethod:none SecurityContextComplete=Yes (accept and perhaps goon) or it wil send a login reject and drop the connection +++++ Also, if further simplification of the login process is desired, the working group might want to consider requiring the initiator to send the AuthMethod HeaderDigest and the DataDigest keys on the first login, so that the login sequence would always look like: I: Login: AuthMethod=a1,a2,aN HeaderDigest=hd1,hd2,hdN DataDigest=dd1,dd2,ddN T: LoginPR: AuthMethod=a1 HeaderDigest=hd1 DataDigest=dd1 ...Authentication phase, if needed I: Text: SecurityContextComplete=yes T: Text: SecurityContextComplete=yes ...Operational Parameter Negotiating phase ...Full Feature Phase +++ We will consider it +++ Regards, Steve Senum
Home Last updated: Tue Sep 04 01:04:15 2001 6315 messages in chronological order |