|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI - Change - Login/Text commands with the binary stage codeSteve, my comments in text - Julo Steve Senum <ssenum@cisco.com>@ece.cmu.edu on 25-08-2001 01:54:47 Please respond to Steve Senum <ssenum@cisco.com> Sent by: owner-ips@ece.cmu.edu To: ietf-ips <ips@ece.cmu.edu> cc: Subject: Re: iSCSI - Change - Login/Text commands with the binary stage code Hi Julian, A have two questions on your proposal with respect to the new CNxSG field. 1. In the section: > Stage transition is performed through a command exchange > (request/response) carrying the F bit and the same current stage code. > During this exchange, the next stage selected is the lower of the two > next stage codes. The initiator can request a transition whenever it is > ready but a target can respond with a transition only after it is > offered one by the initiator. I assume from this that the target must always return the same "current stage" as the initiator, so there is no way for the stages to go backwards (which is fine with me). +++ that is correct. Stages can't go backwards +++ 2. In the section: > If the initiator is willing no negotiate security but it is unwilling to > make the initial parameter offer and may accept a connection without > security it issues the Login with the F bit set to 1, the CNxSG set to > SecurityNegotiation in the current stage and LoginOperationalNegotiation > in the next stage. If the target is also ready to forego security the > Login response is empty and has F bit is set to 1 and the CNxSG set to > SecurityNegotiation in the current stage and LoginOperationalNegotiation > in the next stage. So, if the initiator opens with: I-> Login (CNxSG=0,1 F=1) And the target responds with: T-> Login-PR (CNxSG=0,1 F=0) AuthMethod=CHAP And the initiator responds with: I-> Text (CNxSG=0,1 F=0) AuthMethod=CHAP The target should respond with a blank text message? T-> Text (CNxSG=0,1 F=0) Since all of the AuthMethods in Appendix A specify that the initiator MUST start the authentication sequence (which is fine with me). ++++ that is a correct sequence but the initiator could as well start the parameters on the same PDU it is acking the use of CHAP like: I-> Text (CNxSG=0,1 F=0) AuthMethod=CHAP A=<A1,A2...> True the sequences are not symmetric as we decided early on that the target has to reject and say why while the initiator will drop connections. +++++ Regards, Steve Senum
Home Last updated: Tue Sep 04 01:03:54 2001 6315 messages in chronological order |