Protocol Action: 'Finding Internet Small Computer Systems Interface (iSCSI) Targets and Name Servers using Service Location Protocol version 2 (SLPv2)' to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The IESG has approved the following document:

- 'Finding Internet Small Computer Systems Interface (iSCSI) Targets and Name 
   Servers using Service Location Protocol version 2 (SLPv2) '
   <draft-ietf-ips-iscsi-slp-09.txt> as a Proposed Standard

This document is the product of the IP Storage Working Group. 

The IESG contact persons are Allison Mankin and Jon Peterson.

Technical Summary

     This document defines the use of SLPv2 by iSCSI hosts, devices and
     management services, along with the SLP service type templates for
     describing these uses, and security considerations for uses.  The
     iSCSI protocol provides a way for hosts to access SCSI devices over
     TCP/IP.  

     
Working Group Summary

    The Working Group had consensus to advance this document to Proposed
    Standard. The SLPv2 and discovery aspects were given review and
    discussion on the mailing list by Erik Guttman and James Kempf, and this
    was an active discussion.   This document had a significant following
    IESG review which observed that security policy was exposed.  Now
    security policy-related information may be handled only if mandatory 
    security mechanisms are in use.
    
Protocol Quality

    The documents were reviewed for the IESG by Erik Guttman, James Kempf,
    Thomas Narten and Allison Mankin.    David Black has shepherded the 
    document, under the PROTO experiment.

RFC Editor Note

Section 6.1 Security Implementation

First paragraph:
OLD:
   Security for SLPv2 in an IP storage environment is specified in
   [RFC3723].

NEW:
   Security for SLPv2 in an IP storage environment is specified in
   [RFC3723].  IPsec is mandatory-to-implement for IPS clients and
   servers.  Thus, all IP storage clients, including those invoking SLP,
   can be assumed to support IPsec.  SLP servers, however, cannot be
   assumed to implement IPsec, since there is no such requirement in
   standard SLP.  In particular, SLP Directory Agents (DA) may be
   running on machines other than those running the IPS protocols.

Third paragraph:
OLD:
   SLPv2 authentication is OPTIONAL to implement and use, and SLPv2
   authentication SHOULD be implemented when IPsec is not supported.

NEW:   
   Because the IP storage services have their own authentication
   capabilities when located, SLPv2 authentication is OPTIONAL to
   implement and use (as discussed in more detail in [RFC3723]).


_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux