iSCSI: security conflict

To: <julian_satran@il.ibm.com>, <ips@ece.cmu.edu>
Subject: iSCSI: security conflict
From: "Eddy Quicksall" <EQuicksall@mediaone.net>
Date: Fri, 6 Jul 2001 14:34:29 -0400
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="iso-8859-1"
Importance: Normal
Sender: owner-ips@ece.cmu.edu

draft 06-92:

In section "4.2 iSCSI Security and Integrity Negotiation"  it says:

   The security exchange sets the security mechanism and authenticates
   the user and the target to each other. The exchange proceeds
   according to the algorithms that were chosen in the negotiation phase
   and is conducted by the text commands key=value parameters.

   The negotiation proceeds as follows:

      -The initiator sends a text command with an ordered list of the
      options it supports for each subject (authentication algorithm,

But a few lines down it says:

      If security is to be established,
      the initiator MUST NOT send parameters other than security
      parameters in the login command.

These two statements conflict because the 1st says he must send security
parameters in text commands but the 2nd says "login command".

The examples clearly point out that security commands can be in the Login
command.

Maybe the above text should be changed to "by the login/text commands" and
"sends a login/text command".

Comments anyone?

Eddy_Quicksall@iVivity.com

Follow-Ups:
- Re: iSCSI: security conflict
  - From: Stephen Bailey <steph@cs.uchicago.edu>

Prev by Date: Sense data and Response Data
Next by Date: Re: iSCSI: security conflict
Prev by thread: Re: FW: Sense data and Response Data
Next by thread: Re: iSCSI: security conflict
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:21 2001
6315 messages in chronological order