iSCSI: SecurityContextComplete without operational parameters

To: <julian_satran@il.ibm.com>
Subject: iSCSI: SecurityContextComplete without operational parameters
From: "Eddy Quicksall" <EQuicksall@mediaone.net>
Date: Tue, 24 Jul 2001 08:55:05 -0400
Cc: <ips@ece.cmu.edu>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="iso-8859-1"
Importance: Normal
Sender: owner-ips@ece.cmu.edu

In section "4.2 iSCSI Security and Integrity Negotiation", it would be best
if the target is required to send SecurityContextComplete=yes without any
new operational parameters within the same PDU.

It makes coding cleaner because the initiator can have a simple send/receive
loop that pops out when security is complete. If operational parameters are
allowed with SecurityContextComplete=yes, the initiator's security module
must also have operational parameter code or it must set flags, leave
information in buffers, etc that all create messy code.

The spec says:

           If the initiator has been the last to complete the handshake it
           MUST NOT start sending operational parameters within the same
           text command.

How about if we say the same thing for the target? There shouldn't be any
harm because I suspect everyone is doing that anyway.

Comments?


Eddy_Quicksall@iVivity.com

Prev by Date: I-D ACTION:draft-ietf-ips-iscsi-07.txt
Next by Date: Re: iSCSI: TargetAddress in the spec twice
Prev by thread: I-D ACTION:draft-ietf-ips-iscsi-07.txt
Next by thread: Re: iSCSI: SecurityContextComplete without operational parameters
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:14 2001
6315 messages in chronological order