SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI: Security Phase Question




    the lucky number is 2 - julo


    Steve Senum <ssenum@cisco.com>

    08/22/2002 11:56 PM

           
            To:        ietf-ips <ips@ece.cmu.edu>
            cc:        Julian Satran/Haifa/IBM@IBMIL
            Subject:        iSCSI: Security Phase Question

           


    Hi Julian,

    I have a question on Security Phase negotiation.  From section 4.3.1:

     If the initiator is willing to negotiate iSCSI security, but is
     unwilling to make the initial parameter proposal and may accept a
     connection without iSCSI security, it issues the Login with the T bit
     set to 1, the CSG set to SecurityNegotiation, and NSG set to LoginOp-
     erationalNegotiation. If the target is also ready to skip security,
     the login response contains only the TargetPortalGroupTag key (see
     Section 11.9 TargetPortalGroupTag), the T bit set to 1, the CSG set
     to SecurityNegotiation, and NSG set to LoginOperationalNegotiation.

    My question is, what should the Target do if the Initiator issues
    the Login with the T bit set to 0 and the Target does want to
    negotiate iSCSI security (AuthMethod).

    1. Keep replying with an empty login with T=0 until the
      Initiator sends T=1.
    2. Reply immediately with T=0 and AuthMethod.
    3. Decide this is a protocol error and close the connection.
    4. Do something else?

    Regards,
    Steve Senum




Home

Last updated: Fri Aug 23 10:18:53 2002
11667 messages in chronological order