SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: Login Proposal



    
    > One comment though. If the initiator has no security 
    > parameters to negotiate
    > (implied by absence of all 4 security keys), then the 
    > initiator should be
    > allowed to include the operational parameters in the login 
    > cmd and set F=1.
    > This would conclude the login in just one exchange (unless the target
    > restarts the negotiation).
    > 
    > -Ayman
    > 
    
    The login proposal is a result of the groups decision (in London IETF) to
    make login deterministic (simplify implementation) and to that end it was
    agreed to separate login into two phases: security and operational
    parameter.  The reason for this has been discussed extensively on this list
    (see emails discussing UNH plugfest results).  What you suggest has caused
    problems in practical implementation.  The security phase must be agreed to
    be complete before it's safe to negotiate operational parameters, and the
    target must have a "say" in the security negotiations before this phase can
    be considered complete.
    
    Marj
    


Home

Last updated: Mon Feb 25 23:18:02 2002
8887 messages in chronological order