Re: iSCSI: Security Phase Question

To: Steve Senum <ssenum@cisco.com>
Subject: Re: iSCSI: Security Phase Question
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Fri, 23 Aug 2002 11:21:34 +0300
Cc: ietf-ips <ips@ece.cmu.edu>
Content-Type: multipart/alternative; boundary="=_alternative 002C859FC2256C1E_="
Sender: owner-ips@ece.cmu.edu

the lucky number is 2 - julo

Steve Senum <ssenum@cisco.com>

08/22/2002 11:56 PM

To: ietf-ips <ips@ece.cmu.edu>
cc: Julian Satran/Haifa/IBM@IBMIL
Subject: iSCSI: Security Phase Question

Hi Julian,

I have a question on Security Phase negotiation. From section 4.3.1:

If the initiator is willing to negotiate iSCSI security, but is
unwilling to make the initial parameter proposal and may accept a
connection without iSCSI security, it issues the Login with the T bit
set to 1, the CSG set to SecurityNegotiation, and NSG set to LoginOp-
erationalNegotiation. If the target is also ready to skip security,
the login response contains only the TargetPortalGroupTag key (see
Section 11.9 TargetPortalGroupTag), the T bit set to 1, the CSG set
to SecurityNegotiation, and NSG set to LoginOperationalNegotiation.

My question is, what should the Target do if the Initiator issues
the Login with the T bit set to 0 and the Target does want to
negotiate iSCSI security (AuthMethod).

1. Keep replying with an empty login with T=0 until the
Initiator sends T=1.
2. Reply immediately with T=0 and AuthMethod.
3. Decide this is a protocol error and close the connection.
4. Do something else?

Regards,
Steve Senum

Prev by Date: Spice girls' vocal concert
Next by Date: RE: iSCSI-Eddy Quicksall's diagrams available
Prev by thread: iSCSI: Security Phase Question
Next by thread: Spice girls' vocal concert
Index(es):
- Date
- Thread

Home

Last updated: Fri Aug 23 10:18:53 2002
11667 messages in chronological order