Re: iSCSI Login Questions

To: ips@ece.cmu.edu
Subject: Re: iSCSI Login Questions
From: Steve Senum <ssenum@cisco.com>
Date: Fri, 27 Jul 2001 10:55:37 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
References: <NFBBKBDFJCDMGCBKJLCJKEINFCAA.deva@platys.com>
Sender: owner-ips@ece.cmu.edu

Deva,

I think I might have lead you down the wrong track,
at least with respect to what problem I was
trying to discuss in my last message to Julian.

See my reply to Julian on this thread.

BTW, I would prefer to keep Operational Parameters
Negotiation start after the final handshake message
(sequence 2 below).

Steve Senum

Dev - Platys wrote:
> 
> Steve,
> 
> I've closely following the thread and after going through the interactions,
> I think I've to clear my doubts and present my opinion. If I am NOT on right
> track, please set me straight.
> 
> I agree that the current login sequence is highly flexible and compliance
> testing between initiator and targets will become a real issue.
> As said else where in this discussion we should give thoughts to reducing
> the number of handshakes for a login with and without authentication.
> 
> I would also think that the initiator has implied that authmethod is none by
> not including it. Hence the following sequence is OK. I think if the order
> of the key=value pair of authentication namely authmethod (if not present
> assumed no authentication), SecurityCompleteContext=Yes be specified to be
> ahead of the other parameters. It will be helpful but not a necessity
> though.
> 
>  I-> Login    SecurityContextComplete=yes + additional parameters.
>  T-> Login-FR SecurityContextComplete=yes + additional parameters
> 
> I think the side that requires authentication will give an error. If it is a
> target then login response will be an error code
> of authentication failure and if it is the initiator it can decide not to
> connect to the target by logging off the connection.
> 
> BTW, Which one of the sequences are you suggesting? I guess you are for
> sequence 2) below.
> 
> 1) I -> Login - AuthMethod=None
> T -> Login PR - SecurityContextComplete = Yes (May send a final response
> with error if the target requires authentication)
> I -> Text FR -  SecurityContextComplete = Yes + additional parameters
> T -> Target Final Response - SecurityContextComplete = Yes + additional
> parameters
> 
> 2) I -> Login - AuthMethod=None
> T -> Login PR - SecurityContextComplete = Yes (May send a final response
> with error if the target requires authentication)
> I -> Text PR -  SecurityContextComplete = Yes
> T -> Text PR - SecurityContextComplete = Yes
> I -> Text FR - Parameters for negotiation
> T -> Target Final Response - Negotiated parameters
> 
> thanks & regards
> 
> Deva

References:
- RE: iSCSI Login Questions
  - From: "Dev - Platys" <deva@platys.com>

Prev by Date: Re: iSCSI: NOP-Out closing the command window
Next by Date: Re: iSCSI: NOP-Out closing the command window
Prev by thread: RE: iSCSI Login Questions
Next by thread: Re: iSCSI Login Questions
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:11 2001
6315 messages in chronological order