iSCSI: Security Phase Question

To: ietf-ips <ips@ece.cmu.edu>
Subject: iSCSI: Security Phase Question
From: Steve Senum <ssenum@cisco.com>
Date: Thu, 22 Aug 2002 15:56:10 -0500
CC: Julian Satran <julian_satran@il.ibm.com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Sender: owner-ips@ece.cmu.edu

Hi Julian,

I have a question on Security Phase negotiation.  From section 4.3.1:
 
  If the initiator is willing to negotiate iSCSI security, but is 
  unwilling to make the initial parameter proposal and may accept a 
  connection without iSCSI security, it issues the Login with the T bit 
  set to 1, the CSG set to SecurityNegotiation, and NSG set to LoginOp-
  erationalNegotiation. If the target is also ready to skip security, 
  the login response contains only the TargetPortalGroupTag key (see 
  Section 11.9 TargetPortalGroupTag), the T bit set to 1, the CSG set 
  to SecurityNegotiation, and NSG set to LoginOperationalNegotiation.

My question is, what should the Target do if the Initiator issues
the Login with the T bit set to 0 and the Target does want to
negotiate iSCSI security (AuthMethod).

1. Keep replying with an empty login with T=0 until the
   Initiator sends T=1.
2. Reply immediately with T=0 and AuthMethod.
3. Decide this is a protocol error and close the connection.
4. Do something else?

Regards,
Steve Senum

Prev by Date: Re: typo in Appendix D SendTargets Operation
Next by Date: Spice girls' vocal concert
Prev by thread: A couple of syntax errors in working draft
Next by thread: Re: iSCSI: Security Phase Question
Index(es):
- Date
- Thread

Home

Last updated: Fri Aug 23 16:18:59 2002
11668 messages in chronological order