Auth method negotiation

[Chirag Wighe <chirag.wighe@windriver.com>]

Hi

In section 10.4 in Draft v13 it says
"The AuthMethod selection is followed by an "authentication exchange" 
specific to the authentication method selected. "
Should the "is" be replaced by a "MUST" for any AuthMethod selection other 
than "None"?

As an example closely related to one in the Appendix.
If the login begins as

I- Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os.hostid.77
TargetName=iqn.1999-07.com.acme.diskarray.sn.88
AuthMethod=KRB5,SRP,CHAP,None

And the target chooses CHAP.
One question that I have is whether choosing CHAP implies the statement in 
section 4.3
"Targets MUST NOT submit parameters that require an additional initiator 
login request in a login response with the T bit set to 1."
So if the target chooses CHAP,  does it imply that it expects a CHAP_A 
response and is not permitted to set the T bit to one even if the target is 
not interested in authenticating the initiator.
So is the following reply illegal?
T- Login-PR (CSG,NSG=1,0 T=1)
AuthMethod=CHAP

If the above is not illegal, then if the initiator is also not interested 
in authenticating the target, can the initiator transition to the next stage.

I realize that the above problem might only be a syntactic one as the 
proper ordering of Auth Methods in the requests sent by the initiator not 
interested in Authentication would be for None to precede other options and 
the target will then choose None if it is also not interested in 
authentication either.

Thanks
Chirag Wighe
Software Development Engineer
Wind River Systems