Re: iSCSI boot

David Robinson <David.Robinson@EBay.Sun.COM> Fri, 25 May 2001 22:01 UTC

Message-ID: <3B0EB875.DAE93D98@ebay.sun.com>
Date: Fri, 25 May 2001 12:54:29 -0700
From: David Robinson <David.Robinson@EBay.Sun.COM>
Organization: Sun Microsystems, Inc.
X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.8 sun4u)
X-Accept-Language: en
MIME-Version: 1.0
To: ips@ece.cmu.edu
Subject: Re: iSCSI boot
References: <NEBBJGDMMLHHCIKHGBEJOEAMCIAA.dotis@sanlight.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ips@ece.cmu.edu
Precedence: bulk

Douglas Otis wrote:
> If there already is a means of discovering either LDAP or SLP in conjunction
> with DHCP together with some security features defined within the PXE
> specification, then adding iSCSI specific information is not really
> required.  If you assume there is security present within LDAP and there is
> a defined schema, the ability to retrieve information related to things like
> ISID, Initiator Name, Target Name, mount point, etc can be made available
> through those standard services with security providing the initial filter.
> LDAP can store state as it is commonly used to keep password counts and the
> like. It is not a direct property of LDAP, but a well structured schema
> should make this task easier.  I know that I will hear, "Send in the Draft"
> but until there is consensus as to what is needed and how it is to be used,
> it would be a likely futile venture.

I think you are overcomplicating things, Doug. We already have a
well-defined standard for Network Adapters to discover their identity
and their "root" storage device using DHCP.  All that is really needed
by the IPS WG is to define the syntax and semantics of the string that
indicates where the iSCSI target is.

While LDAP provides a lot of features and can easily be used as the
directory service behind a DHCP server (and in fact often is), it is
highly unlikely that vendors will embed LDAP into the PROMs of their
adapters to retrieve a simple string that can just as easily be served
using their existing DHCP/PXE PROMs.

Security is actively being worked on in the DHCP community, so that
is something that iSCSI can leverage.
(draft-ietf-dhc-authentication-16.txt)

So I won't say "Send in a Draft" but instead "The IESG won't let us
reinvent existing protocols".

	-David