|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: Negotiation clarifications still neededMartin, You don't have to send a declaration but there is no reason to prohibit you from doing so. If you would rather not check type, then don't send any new keys when one is incomplete. Thank you for pointing out that MaxRecvPDUDataSize isn't marked declaritive. It is subject to declaration so it should be marked declaritive and another label should be used to indicate that the key can be send during SecurityNegotiation stage. I suggest that keys that can be sent during SecurityNegatiation stage should have SN added to Use because use has the other information about when a key can be sent. I think clearly identifying which keys are not subject to negotiation is on topic for clarifying negotiation. Declarations are involved in the spanning/non-spanning issue. When one has gotten only a partial key one doesn't know whether it is a declaration or a negotiation. Pat -----Original Message----- From: Martins Krikis [mailto:mkrikis@yahoo.com] Sent: Tuesday, May 28, 2002 2:42 PM To: pat_thaler@agilent.com; Julian_Satran@il.ibm.com; cbm@rose.hp.com Cc: ips@ece.cmu.edu; mkrikis@yahoo.com; pat_thaler@agilent.com Subject: RE: iSCSI: Negotiation clarifications still needed --- pat_thaler@agilent.com wrote: > One could add after the second sentence "It may send > key-value responses > and declarations." I would rather not involve declarations here. It seems like a good idea to remind that responses may be sent, but I don't like having to start checking key types in order to figure out whether I should send it (or whether I can "nail" the other side for sending it :-)). > the sentence: > "Keys which are subject to declaration rather than > negotiation are marked declarative." This isn't entirely true, because MaxRecvPDUDataSize is subject to declaration but isn't marked declarative at the moment. I actually suggest not involving declarations in the non-spanning issue. Yes, we may end up sending a key or two later than would be possible otherwise, but the property that all keys (whether declarative or not) can be treated the same way by far outweighs this. > Ideally one would use different labels to > indicate that a key was subject to declaration and > that it could be sent in SecurityNegotiation stage. True, but we're getting off-topic. P.S. Just because I'm commenting on this does not mean that I've changed my mind about my own proposal---I still think it is simplest. Martins Krikis, Intel Corp. Disclaimer: these opinions are mine and may not be those of my employer. __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
Home Last updated: Tue May 28 19:18:34 2002 10363 messages in chronological order |