|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Auth method negotiationHi In section 10.4 in Draft v13 it says "The AuthMethod selection is followed by an "authentication exchange" specific to the authentication method selected. " Should the "is" be replaced by a "MUST" for any AuthMethod selection other than "None"? As an example closely related to one in the Appendix. If the login begins as I- Login (CSG,NSG=0,1 T=1) InitiatorName=iqn.1999-07.com.os.hostid.77 TargetName=iqn.1999-07.com.acme.diskarray.sn.88 AuthMethod=KRB5,SRP,CHAP,None And the target chooses CHAP. One question that I have is whether choosing CHAP implies the statement in section 4.3 "Targets MUST NOT submit parameters that require an additional initiator login request in a login response with the T bit set to 1." So if the target chooses CHAP, does it imply that it expects a CHAP_A response and is not permitted to set the T bit to one even if the target is not interested in authenticating the initiator. So is the following reply illegal? T- Login-PR (CSG,NSG=1,0 T=1) AuthMethod=CHAP If the above is not illegal, then if the initiator is also not interested in authenticating the target, can the initiator transition to the next stage. I realize that the above problem might only be a syntactic one as the proper ordering of Auth Methods in the requests sent by the initiator not interested in Authentication would be for None to precede other options and the target will then choose None if it is also not interested in authentication either. Thanks Chirag Wighe Software Development Engineer Wind River Systems
Home Last updated: Fri Jun 21 17:18:44 2002 10927 messages in chronological order |