|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Login Proposal> One comment though. If the initiator has no security > parameters to negotiate > (implied by absence of all 4 security keys), then the > initiator should be > allowed to include the operational parameters in the login > cmd and set F=1. > This would conclude the login in just one exchange (unless the target > restarts the negotiation). > > -Ayman > The login proposal is a result of the groups decision (in London IETF) to make login deterministic (simplify implementation) and to that end it was agreed to separate login into two phases: security and operational parameter. The reason for this has been discussed extensively on this list (see emails discussing UNH plugfest results). What you suggest has caused problems in practical implementation. The security phase must be agreed to be complete before it's safe to negotiate operational parameters, and the target must have a "say" in the security negotiations before this phase can be considered complete. Marj
Home Last updated: Mon Feb 25 23:18:02 2002 8887 messages in chronological order |