RE: iSCSI boot
"Douglas Otis" <dotis@sanlight.net> Fri, 25 May 2001 23:18 UTC
From: Douglas Otis <dotis@sanlight.net>
To: David Robinson <David.Robinson@EBay.Sun.COM>, ips@ece.cmu.edu
Subject: RE: iSCSI boot
Date: Fri, 25 May 2001 14:31:23 -0700

David,

I think you misunderstand where this code would exist. It would not be within the DHCP/PXE PROM code. Use the existing environment and previously defined parameters in conjunction with existing servers and existing protocols.

Doug

> Douglas Otis wrote:
> > If there already is a means of discovering either LDAP or SLP in conjunction
> > with DHCP together with some security features defined within the PXE
> > specification, then adding iSCSI specific information is not really
> > required. If you assume there is security present within LDAP and there is
> > a defined schema, the ability to retrieve information related to things like
> > ISID, Initiator Name, Target Name, mount point, etc. can be made available
> > through those standard services with security providing the initial filter.
> > LDAP can store state as it is commonly used to keep password counts and the
> > like. It is not a direct property of LDAP, but a well structured schema
> > should make this task easier. I know that I will hear, "Send in the Draft"
> > but until there is consensus as to what is needed and how it is to be used,
> > it would be a likely futile venture.
>
> I think you are over complicating things Doug. We already have a well defined
> standard for Network Adapters to discover their identity and their "root"
> storage device using DHCP. All that is really needed by the IPS WG is to define
> the syntax and semantics of the string that indicates where the iSCSI target is.
>
> While LDAP provides a lot of features and can easily be used as the directory
> service behind a DHCP server (and in fact often is), it is highly unlikely
> that vendors will embed LDAP into the PROMs of their adapters to retrieve
> a simple string that can just as easily be served using their existing DHCP/PXE
> PROMs.
>
> Security is actively being worked on in the DHCP community so that
> is something that iSCSI can leverage.
> (draft-ietf-dhc-authentication-16.txt)
>
> So I won't say "Send in a Draft" but instead "The IESG won't let us
> reinvent existing protocols".
>
> -David