Re: iSCSI Login Questions

To: ips@ece.cmu.edu
Subject: Re: iSCSI Login Questions
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Fri, 27 Jul 2001 09:27:41 +0300
Content-type: text/plain; charset=us-ascii
Importance: Normal
Sender: owner-ips@ece.cmu.edu

Steve,

The sequence was meant to end always with an I,T handshake. If T starts it
then we have a T,I,T exchange
This is what I suggest for the my new proposal too. Phase transition starts
always after a complete "instruction" (request response).

Julo

Steve Senum <ssenum@cisco.com> on 27-07-2001 02:35:41

Please respond to Steve Senum <ssenum@cisco.com>

To:   ips@ece.cmu.edu
cc:
Subject:  Re: iSCSI Login Questions

Julian:

If the sequences mentioned below are all valid,
plus the trivial sequence:

I-> Login
I-> Login-PR

where these are all followed by Operational
Parameter negotiation, I have a concern.

Since either side is allowed to initiate
the SecurityContextComplete=yes handshake,
I would think that either Initiator or Target
would transition to the next phase too soon
if one side thought the handshake was needed,
and the other side didn't.

The only way I see to keep this from happening
is either:

1. Don't allow the SecurityContextComplete=yes handshake
unless AuthMethod, HeaderDigest, or DataDigest keys
have been offered.

2. Always require the SecurityContextComplete=yes handshake.

Regards,
Steve Senum

Julian Satran wrote:
>
> Yes that is (in 07)  a legitmate sequence.  Julo
>
> Steve Senum <ssenum@cisco.com> on 26-07-2001 00:25:19
>
> Please respond to Steve Senum <ssenum@cisco.com>
>
> To:   ietf-ips <ips@ece.cmu.edu>
> cc:
> Subject:  Re: iSCSI Login Questions
>
> Julian,
>
> Is it valid (under draft -07) to offer the
> SecurityContextComplete key without the AuthMethod,
> HeaderDigest or DataDigest keys having been offered?
>
> In other words, are the following sequences valid?
>
> Sequence 1:
>
> I-> Login    SecurityContextComplete=yes
> T-> Login-PR SecurityContextComplete=yes
>
> Sequence 2:
>
> I-> Login
> T-> Login-PR SecurityContextComplete=yes
> I-> Text     SecurityContextComplete=yes
> T-> Text     SecurityContextComplete=yes
>
> Sequence 3:
>
> I-> Login
> I-> Login-PR
> I-> Text     SecurityContextComplete=yes
> T-> Text     SecurityContextComplete=yes
>
> Thanks,
> Steve Senum

Follow-Ups:
- Re: iSCSI Login Questions
  - From: Steve Senum <ssenum@cisco.com>

Prev by Date: iSCSI login phasing
Next by Date: I-D ACTION:draft-ietf-ips-iscsi-name-disc-02.txt
Prev by thread: Re: iSCSI Login Questions
Next by thread: Re: iSCSI Login Questions
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:11 2001
6315 messages in chronological order