Re: iSCSI: Login Proposal

To: ietf-ips <ips@ece.cmu.edu>
Subject: Re: iSCSI: Login Proposal
From: Steve Senum <ssenum@cisco.com>
Date: Tue, 21 Aug 2001 15:13:48 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
References: <0B9A57FF1D57D411B47500D0B73E5CC101E7A831@dickens.bri.hp.com>
Sender: owner-ips@ece.cmu.edu

Matthew/Marjorie/Bob:

Some questions on your login proposal:

1. Why the following restriction?

    SecurityContextComplete=yes MUST NOT be present
    in the login command.

I don't see the benefit in not allowing something like:

I: AuthMethod:none
   HeaderDigest:crc-32c,none
   DataDigest:crc-32c,none
   SecurityContextComplete=yes
T: AuthMethod:none
   HeaderDigest:crc-32c
   DataDigest:crc-32c
   SecurityContextComlete=yes

2. In the following:

    If the login command does not contain security parameters
    the target MUST perform one of the two actions below:

    a) If the target requires security negotiation
       to be performed, then it MUST enter the security
       phase and MUST send a text response containing
       one or more security parameters and F=0.

    b)

Is this really needed?  Why not simply require the
initiator to offer security parameters if it supports them?
I would hope authentication would become the typical case
for login.

3. Is there only one Login Reponse then (just asking)?

Regards,
Steve Senum

References:
- Login Proposal
  - From: "BURBRIDGE,MATTHEW (HP-UnitedKingdom,ex2)" <matthew_burbridge@hp.com>

Prev by Date: RE: Login Proposal
Next by Date: RE: iSCSI: Login Proposal
Prev by thread: Login Proposal
Next by thread: Target record not to span PDUs?
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:03:58 2001
6315 messages in chronological order