Re: iscsi : HeaderDigest & DataDigest as operational keys ?

[Mark Bakke <mbakke@cisco.com>]

I agree with Santosh; the keys are in with security for
purely historical reasons, since there used to be a few
cryptographic digest methods defined that depended on the
authentication methods.

Santosh Rao wrote:
> 
> Julian,
> 
> Can the keys HeaderDigest & DataDigest be moved to operational keys,
> instead of their current location in security keys ?
> 
> This would allow an initiator that is using header & data digests, but
> no security authentication to complete all of its login key negotiation
> in 1 phase, namely, the operational phase. It reduces login to a single
> handshake for initiators that do not perform security authentication.
> 
> The digest keys are meant for data integrity rather than security and I
> am wondering why they need to be placed in the security keys (?).
> 
> Thanks,
> Santosh
> 
> --
> ##################################
> Santosh Rao
> Software Design Engineer,
> HP-UX iSCSI Driver Team,
> Hewlett Packard, Cupertino.
> email : santoshr@cup.hp.com
> Phone : 408-447-3751
> ##################################

-- 
Mark A. Bakke
Cisco Systems
mbakke@cisco.com
763.398.1054