SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    iSCSI: Security Phase Question



    Hi Julian,
    
    I have a question on Security Phase negotiation.  From section 4.3.1:
     
      If the initiator is willing to negotiate iSCSI security, but is 
      unwilling to make the initial parameter proposal and may accept a 
      connection without iSCSI security, it issues the Login with the T bit 
      set to 1, the CSG set to SecurityNegotiation, and NSG set to LoginOp-
      erationalNegotiation. If the target is also ready to skip security, 
      the login response contains only the TargetPortalGroupTag key (see 
      Section 11.9 TargetPortalGroupTag), the T bit set to 1, the CSG set 
      to SecurityNegotiation, and NSG set to LoginOperationalNegotiation.
    
    My question is, what should the Target do if the Initiator issues
    the Login with the T bit set to 0 and the Target does want to
    negotiate iSCSI security (AuthMethod).
    
    1. Keep replying with an empty login with T=0 until the
       Initiator sends T=1.
    2. Reply immediately with T=0 and AuthMethod.
    3. Decide this is a protocol error and close the connection.
    4. Do something else?
    
    Regards,
    Steve Senum
    


Home

Last updated: Fri Aug 23 16:18:59 2002
11668 messages in chronological order