draft-ietf-ips-iscsi-slp-07.txt   draft-ietf-ips-iscsi-slp-08.txt 
Internet Draft Mark Bakke Internet Draft Mark Bakke
<draft-ietf-ips-iscsi-slp-07.txt> Cisco <draft-ietf-ips-iscsi-slp-08.txt> Cisco
Expires October 2004 Expires October 2004
John Hufferd John Hufferd
Kaladhar Voruganti Kaladhar Voruganti
IBM IBM
Marjorie Krueger Marjorie Krueger
HP HP
Todd Sperry Todd Sperry
Adaptec Adaptec
skipping to change at page 16, line 51 skipping to change at page 16, line 51
# is 255. # is 255.
# Normally, only one or a few values will be in the list. # Normally, only one or a few values will be in the list.
# Using the equivalence search on this will evaluate to "true" # Using the equivalence search on this will evaluate to "true"
# if any one of the items in this list matches the query. # if any one of the items in this list matches the query.
# If this list contains the default name "any", any initiator # If this list contains the default name "any", any initiator
# is allowed to access this target, provided it matches the # is allowed to access this target, provided it matches the
# other auth-xxx attributes. # other auth-xxx attributes.
# #
# This attribute contains security policy information. If this # This attribute contains security policy information. If this
# attribute is distributed via an Attribute Reply message, # attribute is distributed via an Attribute Reply message,
# IPsec MUST be used. # IPsec MUST be implemented.
auth-addr = string M X auth-addr = string M X
# A list of initiator IP addresses (or host names) which will # A list of initiator IP addresses (or host names) which will
# be allowed access to this target. If this list contains the # be allowed access to this target. If this list contains the
# default name "any", any IP address is allowed access to this # default name "any", any IP address is allowed access to this
# target, provided it matches the other auth-xxx attributes. # target, provided it matches the other auth-xxx attributes.
# #
# This attribute contains security policy information. If this # This attribute contains security policy information. If this
# attribute is distributed via an Attribute Reply message, # attribute is distributed via an Attribute Reply message,
# IPsec MUST be used. # IPsec MUST be implemented.
auth-cred = string M X auth-cred = string M X
# A list of credentials which will be allowed access to the target # A list of credentials which will be allowed access to the target
# (provided they can provide the correct password or other # (provided they can provide the correct password or other
# authenticator). Entries in this list are of the form # authenticator). Entries in this list are of the form
# "method/identifier", where the currently defined methods are # "method/identifier", where the currently defined methods are
# "chap" and "srp", both of which take usernames as their # "chap" and "srp", both of which take usernames as their
# identifiers. # identifiers.
# #
# This attribute contains security policy information. If this # This attribute contains security policy information. If this
# attribute is distributed via an Attribute Reply message, # attribute is distributed via an Attribute Reply message,
# IPsec MUST be used. # IPsec MUST be implemented.
boot-list = string M O boot-list = string M O
# A list of iSCSI Initiator Names that can boot from this target. # A list of iSCSI Initiator Names that can boot from this target.
# This list works precisely like the auth-name attribute. A name # This list works precisely like the auth-name attribute. A name
# appearing in this list must either appear in the access-list, # appearing in this list must either appear in the access-list,
# or the access-list must contain the initiator name "iscsi". # or the access-list must contain the initiator name "iscsi".
# Otherwise, an initiator will be unable to find its boot target. # Otherwise, an initiator will be unable to find its boot target.
# If boot-list contains the name "iscsi", any host can boot from it, # If boot-list contains the name "iscsi", any host can boot from it,
# but I am not sure if this is useful to anyone. # but I am not sure if this is useful to anyone.
# If this attribute is not registered, this target is not "bootable". # If this attribute is not registered, this target is not "bootable".
# #
# Note that the LUN the host boots from is not specified here; a # Note that the LUN the host boots from is not specified here; a
# host will generally attempt to boot from LUN 0. # host will generally attempt to boot from LUN 0.
# #
# It is quite possible that other attributes will need to be defined # It is quite possible that other attributes will need to be defined
# here for booting as well. # here for booting as well.
# #
# This attribute contains security policy information. If this # This attribute contains security policy information. If this
# attribute is distributed via an Attribute Reply message, # attribute is distributed via an Attribute Reply message,
# IPsec MUST be used. # IPsec MUST be implemented.
--------------------------template ends here------------------------ --------------------------template ends here------------------------
5.3. iSCSI Storage Management Service Templates 5.3. iSCSI Storage Management Service Templates
This template defines the service "service:iscsi:sms". An entity This template defines the service "service:iscsi:sms". An entity
supporting one or more iSCSI management service protocols may supporting one or more iSCSI management service protocols may
register itself with SLP as this service type. register itself with SLP as this service type.
iSCSI clients and servers wishing to discover storage management iSCSI clients and servers wishing to discover storage management
skipping to change at page 19, line 4 skipping to change at page 19, line 4
# protocol for access management, health monitoring, and # protocol for access management, health monitoring, and
# discovery management services. This protocol is defined # discovery management services. This protocol is defined
# in [ISNS]. # in [ISNS].
isns isns
transports = string M L transports = string M L
tcp tcp
# This is a list of transport protocols that the registered # This is a list of transport protocols that the registered
# entity supports. # entity supports.
tcp, udp tcp, udp
server-priority = integer
# The priority a client should give this server, when choosing
# between multiple servers with the same protocol type.
# When multiple servers are discovered for a given protocol type,
# this parameter indicates their relative precedence. Server
# precedence is protocol-specific; for some protocols, the primary
# server may have the highest server-priority value, while for
# others it may have the lowest. For example, with iSNS, the primary
# server has the lowest value (value 0).
--------------------------template ends here------------------------ --------------------------template ends here------------------------
6. Security Considerations 6. Security Considerations
The SLPv2 security model as specified in [RFC2608] does not provide The SLPv2 security model as specified in [RFC2608] does not provide
confidentiality, but does provide an authentication mechanism for UAs confidentiality, but does provide an authentication mechanism for UAs
to assure that service advertisements only come from trusted SAs with to assure that service advertisements only come from trusted SAs with
the exception that it does not provide a mechanism to authenticate the exception that it does not provide a mechanism to authenticate
"zero-result responses". See [RFC3723] for a discussion of the SLPv2 "zero-result responses". See [RFC3723] for a discussion of the SLPv2
[RFC2608] security model. [RFC2608] security model.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/