RE: Login Proposal

To: "'Ayman Ghanem'" <aghanem@cisco.com>, ips@ece.cmu.edu
Subject: RE: Login Proposal
From: "KRUEGER,MARJORIE (HP-Roseville,ex1)" <marjorie_krueger@hp.com>
Date: Wed, 22 Aug 2001 13:53:35 -0400
Content-Type: text/plain;charset="iso-8859-1"
Sender: owner-ips@ece.cmu.edu


> One comment though. If the initiator has no security 
> parameters to negotiate
> (implied by absence of all 4 security keys), then the 
> initiator should be
> allowed to include the operational parameters in the login 
> cmd and set F=1.
> This would conclude the login in just one exchange (unless the target
> restarts the negotiation).
> 
> -Ayman
> 

The login proposal is a result of the groups decision (in London IETF) to
make login deterministic (simplify implementation) and to that end it was
agreed to separate login into two phases: security and operational
parameter.  The reason for this has been discussed extensively on this list
(see emails discussing UNH plugfest results).  What you suggest has caused
problems in practical implementation.  The security phase must be agreed to
be complete before it's safe to negotiate operational parameters, and the
target must have a "say" in the security negotiations before this phase can
be considered complete.

Marj

Prev by Date: RE: iSCSI: Login Proposal
Next by Date: RE: iSCSI: Login Proposal
Prev by thread: RE: Login Proposal
Next by thread: Login Proposal
Index(es):
- Date
- Thread

Home

Last updated: Mon Feb 25 23:18:02 2002
8887 messages in chronological order