RE: iSCSI - Login proposed change

To: "Julian Satran" <Julian_Satran@il.ibm.com>
Subject: RE: iSCSI - Login proposed change
From: "Bill Strahm" <bill@sanera.net>
Date: Thu, 30 Aug 2001 14:09:32 -0700
Cc: "Ips@Ece. Cmu. Edu" <ips@ece.cmu.edu>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="us-ascii"
Importance: Normal
In-Reply-To: <OF48C22E07.2F07CD1B-ONC2256AB8.005AF60F@telaviv.ibm.com>
Sender: owner-ips@ece.cmu.edu

I'll make some comments on the text... I'll copy the current text from your
.txt file then a comment denoted by [bills][\bills]


Security associations established before the Login request are outside the
scope of this document although they may realize a related function (e.g.,
establish a IPsec tunnel).
[bill]
Establish IPsec SAs using IKE or other methods.  I do not see a need to
specify tunnel/transport modes etc.
[\bills]


When a target detects an attempt to open a new session by the same SCSI
initiator port (same InitiatorName and ISID) to the same target portal group
it MUST check if the old session is still active.  If it is not active and
then the old-session must be reset by the target and a new session is
established. Otherwise, the Login MUST be terminated with a Login Response
of "Session already open with this initiator".
[bills]
How are we to determine that a TCP connection is active.  Do we send data on
it and wait for a timeout (3 minutes ???) before we can continue.  If the
TCP connection is not active, and the TCP connection is shutdown, what do
you mean by reset by the target ?
[\bills]



Indicates the version supported (the highest version supported by the target
and initiator). If the target does not support a version within the range
specified by the initiator, the target rejects the login and this field
indicates the lowest version supported by the target.
[bill]
I would rather see a failed login result in the socket closing, and not
leaking implementation details to the client.  Ok maybe I am a little
paranoid.
[\bills]


-----------------------------------------------------------------
Authentication| 0201 | 1   | The initiator could not be
Failure       |      |     | successfully authenticated.
-----------------------------------------------------------------
Authorization | 0202 | 1   | The initiator is not allowed access
Failure       |      |     | to the given target.
-----------------------------------------------------------------
[bills]
This is leaking interesting information.  Kind of like an operating system
telling you that it can't log you in (wrong password) vs. Unknown user...
This is information that doesn't need to be passed to the initiator that
can't authenticate.
[\bills]

If the Status Class is not 0, the initiator and target MUST close the TCP
connection.
[bills]
NO... The TARGET WILL close the connection.  Think about a DOS attack, I
just attempt a login, then leave my session open.  The TARGET MUST close the
socket
[\bills]


Security MUST be completely negotiated within the Login Phase or provided by
external means (e.g., IPSec).
[bills]
I thought we were providing security with IPsec...
[\bills]

Bill Strahm
Sanera Systems Inc.

-----Original Message-----
From: owner-ips@ece.cmu.edu [mailto:owner-ips@ece.cmu.edu]On Behalf Of
Julian Satran
Sent: Thursday, August 30, 2001 9:35 AM
To: ips@ece.cmu.edu
Subject: iSCSI - Login proposed change


I am not sure that I sent the right set of proposed changes - here is a
complete one:

Julo

(See attached file: Login-changes.txt)

References:
- iSCSI - Login proposed change
  - From: "Julian Satran" <Julian_Satran@il.ibm.com>

Prev by Date: RE: iSCSI: reusing ISID for recovery
Next by Date: RE: iSCSI-08 Draft Availability?
Prev by thread: iSCSI - Login proposed change
Next by thread: RE: iSCSI - Login proposed change
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:03:49 2001
6315 messages in chronological order