Re: iSCSI - Login changes and the latest agreements

To: ietf-ips <ips@ece.cmu.edu>, Julian Satran <julian_satran@il.ibm.com>
Subject: Re: iSCSI - Login changes and the latest agreements
From: Steve Senum <ssenum@cisco.com>
Date: Fri, 31 Aug 2001 16:53:19 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
References: <OF09E4CA94.762BADDA-ONC2256AB9.001E9C51@telaviv.ibm.com>
Sender: owner-ips@ece.cmu.edu

Hi Julian,

Ayman and I have spent some time looking at your
latest login proposal.  We believe it solves
all of the issues with login that we knew of,
and provides a bit (no pun intended) cleaner approach.

Though we also think simply requiring the security phase,
including the old SecurityContextComplete=yes
handshake, would have solved the same issues with
draft 07.

The addition of the "C" bit solves our concerns
with the use of only login command/login response
pairs for the entire login sequence.

I have some (mostly) editorial comments on your
current proposal:

1. You might consider changing the name of the
   F (Final) bit to something like the T (Transition)
   bit to help alert implementers that the semantics
   of the bit have changed.

2. In the login header:

       +---------------+---------------+---------------+---------------+
      0|X|I| 0x03      |F|C 0 0| CNxSG | Version-max   | Version-min   |
       +---------------+---------------+---------------+---------------+

   You might want to insert a "|" between the "C" and "0" bits.

3. Section 2.12.3 F (Final) Bit:

      If set to 1 indicates that the initiator has no more parameters to set.

   You might want to change this text to better reflect the F bit's
   expanded role, like you did for section 2.13.1.

4. Section 2.13.1 F (Final) Bit:

   You might want to mention that the target can only set the F bit
   on the response if the initiator set it on the command.

5. Login Response Status Table:

   You should remove code 0002 since it is no longer needed.
   You might also want to remove code 0001, since it seems
   to now provide redundant information with the CNxSG field,
   and remove or simplify the note about status code 0000.

6. End of section 4.1:

   Remove text about when IIN and ITN can be sent, since they
   are now required in the initial Login request.

   Move the sentence:

      The iSCSI Names MUST be in text command format.

   To the paragraph near the begining of section 4 that
   starts "The initial Login request MUST include the
   InitiatorName ...."


Regards,
Steve Senum

References:
- iSCSI - Login changes and the latest agreements
  - From: "Julian Satran" <Julian_Satran@il.ibm.com>

Prev by Date: RE: IKE and iSCSI Authentication
Next by Date: iSCSI: Public Key Method
Prev by thread: iSCSI - Login changes and the latest agreements
Next by thread: Re: iSCSI - Login changes and the latest agreements
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:03:48 2001
6315 messages in chronological order