iSCSI - long key values

["Julian Satran" <Julian_Satran@il.ibm.com>]

Dear colleagues,

Ofer brought recently to my attention that some security key values are
likely to exceed our stated limit
of 255 bytes for a value.  A good example may be a certificate (or chained
certificate).

We have to enable those to be in the Login phase.

To handle this we might want to consider the following options (but not
only those):

   enable a "long hexadecimal coding" that should indicate a "long" value
   (e.g. use 0L instead of 0x) and raise the limit for those keys to
   something longer (say 3072 bytes?)
   enable "concatenated" values and indicate them through a "coding scheme"
   as follows:
     the value "0sxx" indicates a name suffix (as in "key = 0s08" means
     that the keys "key00" , "key01" etc) have to be concatenated
     use the "suffixed keys" to "build the value"
   use a named key coding (as in "0Nname" in a value means that you have to
   use later get=value to get a "binary response" containing the whole
   binary object)


I  think that option 2 (limited to a 3 digit prefix?) covers well what we
need and offers some extension space and option 1 is probably good enough
for certificates.

Comments?

Julo