SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: Regarding CSG and NSG



    Matthew,

              Yes I am setting the T bit to 1, and CSG = 0 and NSG = 1  in my login response.

    But the initiator seems to drop the connection and trying to set up a new connection.

     

    The following is the complete procedure,

    Login Request   T = 1, CSG = 0, NSG = 1 (auth = None, session type = Discovery)

    Login Response T  = 1, CSG = 0, NSG = 1.

     

    Should I set the the T = 0, CSG = 1, NSG = x ?

     

    -- Sajjan

     

    -----Original Message-----
    From: BURBRIDGE,MATTHEW (HP-UnitedKingdom,ex2) [mailto:matthew_burbridge@hp.com]
    Sent:
    Thursday, July 25, 2002 1:53 PM
    To: 'Rao, Sajjan'; ips@ece.cmu.edu
    Subject: RE: Regarding CSG and NSG

     

    Sajjan,

     

    It depends whether the initiator has its T bit set.  If T=0 then the initiator is saying that it is security phase and is not yet ready to move to the next phase (NSG=ignore: if T=0, NSG is reserved). This implies that it does want to negotiate security (i.e. authentication).  If T=1, it says that is has no more security to negotiate and is ready to move to operational phase (as NSG=1) when the target says it's ready.  In the latter of these two options (T=1,CSG=0,NSG=1) then the initiator is giving the target chance to start authentication.

     

    Alternatively, if the initiator does not want to negotiate security it can set CSG=1 in the initial login.  This removes one message exchange if the target does not want to negotiate security but runs the risk of receiving a login failure if the target does want to negotiate security. If it wants to negotiate parameters then: T=0,CSG=1,NSG=reserved.  If it does not want to negotiate text parameters then T=1, CSG=1, NSG=3.

     

    In your example I am presuming that T=1 in 1). which is fine. Initiator is giving the target the opportunity to negotiate security but does not wish to start it itself.  In 2), the T bit MUST be 0 as it can not be the final login response.  The target is informing the initiator that it is happy to enter operational phase (CSG=1).  As the T bit must be 0 in 2) NSG = reserved.

     

        1) Suppose the initiator sets T=1, CSG = 0 and NSG = 1  in login request, and says requires no authentication.

     

        2) Can the target set the CSG = 1 and NSG = full feature phase, in its login response?  NO

     

        It should be

     

     

        2) Can the target set the T=0, CSG = 1 and NSG = reserved, in its login response?

     

     

    Matthew Burbridge
    Principal Engineer
    Nearline NSS
    Bristol

    Hewlett Packard
    Tel: +44 117 312 7010
    E-mail:
    matthewb@bri.hp.com


    -----Original Message-----
    From: Rao, Sajjan [mailto:sajjan_rao@adaptec.com]
    Sent:
    Thursday, July 25, 2002 5:53 AM
    To: ips@ece.cmu.edu
    Subject: Regarding CSG and NSG

    Hi,

        I have a couple of questions.

    1) Suppose the initiator sets CSG = 0 and NSG = 1 in login request, and says requires no authentication.

    2) Can the target set the CSG = 1 and NSG = full feature phase, in its login response?

     

    Sajjan



Home

Last updated: Tue Jul 30 10:39:10 2002
11481 messages in chronological order