SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI: use of Text/Login with no data segment



    --- Julian Satran <Julian_Satran@il.ibm.com> wrote:
    
    > On a second though the following text may be more
    > appropriate:
    > 
    > A target or initiator MUST NOT use a Text/Login
    > Response or Text/
    > Login Request with no data segment
    > (DataSegmentLength 0) unless explicitly 
    > required by a general or a key-specific negotiation
    > rule.
    
    I think the words are unnecessarily strong and
    disallow such nice guestures as "please, you
    speak first" from the iSCSI nodes...
    
    > As it cover all the cases in which we  wanted to
    > avoid abuse.
    
    IMHO, you cannot really cover all abuse cases.
    What you have achieved is that the "abuser"
    (the guy, who says, "please, you first") now
    has to be a little more sophisticated, and instead
    of sending an empty data segment send the following:
    X-vendor_addr-you_speak_first-bogus_key_nr_x=yes.
    Whatever the response to this particular key is
    irrelevant, of course. But it achieved approximately
    the same effect as an empty PDU, and it can be used
    to abuse the negotiation process.
    
    This said, I don't think that the potential for
    abuse can be helped, nor do I think it is necessary
    to try to prevent all abuse. That's why I think
    this new wording was unnecessary, but it isn't 
    really worth fighting over either.
    
    Martins Krikis, Intel Corp.
    
    Disclaimer: these are my own opinions and
                may not be my employer's.
    
    
    __________________________________________________
    Do You Yahoo!?
    Yahoo! - Official partner of 2002 FIFA World Cup
    http://fifaworldcup.yahoo.com
    


Home

Last updated: Mon Jun 17 18:18:47 2002
10862 messages in chronological order