[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 RFC 4850

IP Storage Working Group                                  D. Wysochanski
Internet-Draft                                         November 21, 2006
Updates: 3720 (if approved)
Intended status: Standards Track
Expires: May 25, 2007


      Declarative Public Extension Key for iSCSI Node Architecture
                draft-ietf-ips-iscsi-nodearch-key-03.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on May 25, 2007.

Copyright Notice

   Copyright (C) The Internet Society (2006).













Wysochanski               Expires May 25, 2007                  [Page 1]

Internet-Draft           iSCSI Node Architecture           November 2006


Abstract

   The iSCSI protocol, described in RFC 3720 [2], allows for extension
   items to the protocol in the form of Private or Public Extension
   Keys.  This Internet-Draft describes a Public Extension Key for the
   purpose of enhancing iSCSI supportability.  The key accomplishes this
   objective by allowing iSCSI nodes to communicate architecture details
   during the iSCSI login sequence.  The receiving node can then use
   this information for enhanced logging and support.  This document
   updates RFC 3720 to allow iSCSI extension items to be defined by
   standards track RFCs and experimental RFCs in addition to
   informational RFCs.







































Wysochanski               Expires May 25, 2007                  [Page 2]

Internet-Draft           iSCSI Node Architecture           November 2006


1.  Introduction

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [1].

1.2.  Overview

   This Internet-Draft describes a declarative Public Extension Key as
   defined by section 12.22 of RFC 3720 [2] that may be used to
   communicate additional iSCSI node information to the peer node in a
   session.  The information carried in the described key has been found
   to be valuable in real iSCSI customer environments as initiator and
   target vendors collaborate to resolve technical issues and better
   understand the interaction of iSCSI implementations.

   The key has been modeled after the HTTP "Server" and "User-Agent"
   header fields as specified in sections 14.38 and 14.43 of RFC 2616
   [3], with the text-value(s) of the key roughly equivalent to Product
   Tokens in section 3.8 of RFC 2616 [3].  Note however that the text-
   value(s) in the key's list-of-values MUST conform to the Text Format
   as specified in section 5.1 of RFC 3720 [2].

   The key is sent during operational parameter negotiation of an iSCSI
   session's login phase.  The intended use of this key is to provide
   enhanced logging and support capabilities, and to enable collection
   of iSCSI implementation and usage information.






















Wysochanski               Expires May 25, 2007                  [Page 3]

Internet-Draft           iSCSI Node Architecture           November 2006


2.  Definition

   The definition of the key is as follows, conforming to sections 11
   and 12 of RFC 3720 [2], with example list-of-values conforming to
   section 5.1 of RFC 3720 [2].

   The key is defined with a Use of "LO", making it a Leading Only key,
   and does not modify sections 11 or 12 of RFC 3720 [2].  Thus, the key
   MUST only be sent on the leading connection, MUST NOT be changed
   after the leading connection login, and MUST only be sent after the
   security negotiation login stage has completed (during operational
   negotiation login stage).  The key may be sent during normal or
   discovery sessions.

2.1.  X#NodeArchitecture

   Use: LO, Declarative
   Senders: Initiator and Target
   Scope: SW

   X#NodeArchitecture=<list-of-values>

   Examples:

      X#NodeArchitecture=ExampleOS/v1234,ExampleInc_SW_Initiator/1.05a
      X#NodeArchitecture=ExampleInc_HW_Initiator/4010,Firmware/2.0.0.5
      X#NodeArchitecture=ExampleInc_SW_Initiator/2.1,CPU_Arch/i686

   The initiator or target declares the details of its iSCSI node
   architecture to the remote endpoint.  These details may include, but
   are not limited to, iSCSI vendor software, firmware, or hardware
   versions, the OS version, or hardware architecture.

   The length of the key value (total length of the list-of-values) MUST
   NOT be greater than 255 bytes.

   X#NodeArchitecture MUST NOT be redeclared.














Wysochanski               Expires May 25, 2007                  [Page 4]

Internet-Draft           iSCSI Node Architecture           November 2006


3.  Implementation

   Functional behavior of the iSCSI node (this includes the iSCSI
   protocol logic -- the SCSI, iSCSI, and TCP/IP protocols) MUST NOT
   depend on the presence, absence, or content of the key.  The key MUST
   NOT be used by iSCSI nodes for interoperability, or exclusion of
   other nodes.  To ensure proper use, key values SHOULD be set by the
   node itself, and there SHOULD NOT be provisions for the key values to
   contain user-defined text.

   Nodes implementing this key MAY choose to only transmit the key, only
   log the key values received from other nodes, or both transmit and
   log the key values.  Each node choosing to implement transmission of
   the key values MUST be prepared to handle the response of RFC 3720
   [2] compliant nodes that do not understand the key (RFC 3720 [2]
   states that compliant nodes MUST respond with
   X#NodeArchitecture=NotUnderstood).

   Nodes that implement transmission and/or logging of the key values
   may also implement administrative mechanisms that disable and/or
   change the logging and key transmission detail (see Security
   Considerations).  Thus, a valid implementation of this key may be
   that a node is completely silent (the node does not transmit any key
   value, and simply discards any key values it receives without issuing
   a NotUnderstood response).


























Wysochanski               Expires May 25, 2007                  [Page 5]

Internet-Draft           iSCSI Node Architecture           November 2006


4.  Security Considerations

   This extension key transmits specific implementation details about
   the node that sends it; such details may be considered sensitive in
   some environments.  For example, if a certain software or firmware
   version is known to contain security weaknesses, announcing the
   presence of that version via this key may not be desirable.  The
   countermeasures for this security concern are:

   o  sending less detailed information in the key values, or

   o  not sending the extension key, or

   o  using IPsec to provide confidentiality for the iSCSI connection on
      which the key is sent (see RFC 3720 [2] and RFC 3723 [4]).

   To support the first and second countermeasures, all implementations
   of this extension key MUST provide an administrative mechanism to
   disable sending the key.  In addition, all implementations SHOULD
   provide an administrative mechanism to configure a verbosity level of
   the key value, thereby controlling the amount of information sent.
   For example, a lower verbosity might enable transmission of node
   architecture component names only, but no version numbers.

   The choice of which countermeasure is most appropriate depends on the
   environment.  However, sending less detailed information in the key
   values may be an acceptable countermeasure in many environments,
   since it provides a compromise between sending too much information
   and the other more complete countermeasures of not sending the key at
   all or using IPsec.

   In addition to security considerations involving transmission of the
   key contents, any logging method(s) used for the key values MUST keep
   the information secure from intruders.  For all implementations, the
   requirements to address this security concern are:

   o  display of the log MUST only be possible with administrative
      rights to the node

   o  options to disable logging to disk and to keep logs for a fixed
      duration SHOULD be provided

   Finally, it is important to note that different nodes may have
   different levels of risk, and these differences may affect the
   implementation.  The components of risk include assets, threats, and
   vulnerabilities.  Consider the following example iSCSI nodes, which
   demonstrate differences in assets and vulnerabilities of the nodes,
   and as a result, differences in implementation:



Wysochanski               Expires May 25, 2007                  [Page 6]

Internet-Draft           iSCSI Node Architecture           November 2006


   o  One iSCSI target based on a special-purpose operating system.
      Since the iSCSI target controls access to the data storage
      containing company assets, the asset level is seen as very high.
      Also, because of the special-purpose operating system, in which
      vulnerabilities are less well-known, the vulnerability level is
      viewed as low.

   o  Multiple iSCSI initiators in a blade farm, each running a general-
      purpose operating system.  The asset level of each node is viewed
      as low, since blades are replaceable and low cost.  However, the
      vulnerability level is viewed as high, since there are many well-
      known vulnerabilities to the general-purpose operating system.

   For the above target, an appropriate implementation might be logging
   of received key values, but no transmission of the key.  For the
   initiators, an appropriate implementation might be transmission of
   the key, but no logging of received key values.


































Wysochanski               Expires May 25, 2007                  [Page 7]

Internet-Draft           iSCSI Node Architecture           November 2006


5.  IANA Considerations

   The standards action of this document updates RFC 3720 to allow any
   iSCSI extension item, specifically X# extension text keys, Y# digest
   algorithms, and Z# authentication methods, to be defined by a
   standards track RFC or experimental RFC in addition to an
   informational RFC.  This document is a standards track RFC that
   defines an X# extension text key.

   The IANA iSCSI Extended Key registry does not correspond to RFC 3720
   that defined it.  The registry should contain three fields for each
   extended key:

   o  Key Name

   o  Description

   o  Reference

   IANA should modify the registry accordingly.

   IANA should register this key as follows:

   o  Key Name: X#NodeArchitecture

   o  Description: Node architecture details

   o  Reference: [this RFC-to-be]

   -- RFC Editor: The text from "The IANA iSCSI Extended Key" through
   "modify the registry accordingly." should be removed after the IANA
   actions for this document are performed prior to RFC publication.



















Wysochanski               Expires May 25, 2007                  [Page 8]

Internet-Draft           iSCSI Node Architecture           November 2006


6.  References

6.1.  Normative References

   [1]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [2]  Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M., and E.
        Zeidner, "Internet Small Computer Systems Interface (iSCSI)",
        RFC 3720, April 2004.

6.2.  Informative References

   [3]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
        Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol --
        HTTP/1.1", RFC 2616, June 1999.

   [4]  Aboba, B., Tseng, J., Walker, J., Rangan, V., and F. Travostino,
        "Securing Block Storage Protocols over IP", RFC 3723,
        April 2004.































Wysochanski               Expires May 25, 2007                  [Page 9]

Internet-Draft           iSCSI Node Architecture           November 2006


Appendix A.  Acknowledgments

   The IP Storage (ips) Working Group in the Transport Area of IETF has
   been responsible for defining the iSCSI protocol (apart from a host
   of other relevant IP Storage protocols).  The editor acknowledges the
   contributions of the entire working group.

   The following individuals directly contributed to identifying issues
   and/or suggesting resolutions to the issues found in this document:
   David Black, Mallikarjun Chadalapaka, Paul Koning, Julian Satran,
   John Hufferd, Claire Kraft, Ranga Sankar, Joseph Pittman, Greg Berg,
   John Forte, Jim Yuill, William Studenmund, and Ken Sandars.  This
   document benefited from all these contributions.

   Finally, the author recognizes Network Appliance, Inc. for
   sponsorship and support during the development of this work.



































Wysochanski               Expires May 25, 2007                 [Page 10]

Internet-Draft           iSCSI Node Architecture           November 2006


Author's Address

   Dave Wysochanski
   8311 Brier Creek Parkway
   Suite 105-296
   Raleigh, NC  27617
   US

   Phone: +1 919 696 8130
   Email: wysochanski@pobox.com









































Wysochanski               Expires May 25, 2007                 [Page 11]

Internet-Draft           iSCSI Node Architecture           November 2006


Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.


Acknowledgment

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).





Wysochanski               Expires May 25, 2007                 [Page 12]


Html markup produced by rfcmarkup 1.107, available from http://tools.ietf.org/tools/rfcmarkup/