SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI Login Questions



    Julian:
    
    If the sequences mentioned below are all valid,
    plus the trivial sequence:
    
    I-> Login
    I-> Login-PR
    
    where these are all followed by Operational
    Parameter negotiation, I have a concern.
    
    Since either side is allowed to initiate
    the SecurityContextComplete=yes handshake,
    I would think that either Initiator or Target
    would transition to the next phase too soon
    if one side thought the handshake was needed,
    and the other side didn't.
    
    The only way I see to keep this from happening
    is either:
    
    1. Don't allow the SecurityContextComplete=yes handshake
    unless AuthMethod, HeaderDigest, or DataDigest keys
    have been offered.
    
    2. Always require the SecurityContextComplete=yes handshake.
    
    Regards,
    Steve Senum
    
    
    
    Julian Satran wrote:
    > 
    > Yes that is (in 07)  a legitmate sequence.  Julo
    > 
    > Steve Senum <ssenum@cisco.com> on 26-07-2001 00:25:19
    > 
    > Please respond to Steve Senum <ssenum@cisco.com>
    > 
    > To:   ietf-ips <ips@ece.cmu.edu>
    > cc:
    > Subject:  Re: iSCSI Login Questions
    > 
    > Julian,
    > 
    > Is it valid (under draft -07) to offer the
    > SecurityContextComplete key without the AuthMethod,
    > HeaderDigest or DataDigest keys having been offered?
    > 
    > In other words, are the following sequences valid?
    > 
    > Sequence 1:
    > 
    > I-> Login    SecurityContextComplete=yes
    > T-> Login-PR SecurityContextComplete=yes
    > 
    > Sequence 2:
    > 
    > I-> Login
    > T-> Login-PR SecurityContextComplete=yes
    > I-> Text     SecurityContextComplete=yes
    > T-> Text     SecurityContextComplete=yes
    > 
    > Sequence 3:
    > 
    > I-> Login
    > I-> Login-PR
    > I-> Text     SecurityContextComplete=yes
    > T-> Text     SecurityContextComplete=yes
    > 
    > Thanks,
    > Steve Senum
    


Home

Last updated: Tue Sep 04 01:04:11 2001
6315 messages in chronological order