From david.black@emc.com Wed Oct 5 16:50:11 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A972021F8CBF for ; Wed, 5 Oct 2011 16:50:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.217 X-Spam-Level: X-Spam-Status: No, score=-106.217 tagged_above=-999 required=5 tests=[AWL=0.382, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ClgNT7x+dPOg for ; Wed, 5 Oct 2011 16:50:10 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 9928A21F8CB1 for ; Wed, 5 Oct 2011 16:50:10 -0700 (PDT) Received: from hop04-l1d11-si02.isus.emc.com (HOP04-L1D11-SI02.isus.emc.com [10.254.111.55]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p95NrIs6010740 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 5 Oct 2011 19:53:18 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.130]) by hop04-l1d11-si02.isus.emc.com (RSA Interceptor) for ; Wed, 5 Oct 2011 19:53:02 -0400 Received: from mxhub05.corp.emc.com (mxhub05.corp.emc.com [128.221.46.113]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p95Nr288015697 for ; Wed, 5 Oct 2011 19:53:02 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub05.corp.emc.com ([128.221.46.113]) with mapi; Wed, 5 Oct 2011 19:53:02 -0400 From: To: Importance: high X-Priority: 1 Date: Wed, 5 Oct 2011 19:53:00 -0400 Thread-Topic: Help: RDDP (iWARP) registry draft author needed Thread-Index: AcyDueoQolKwd5kAT0uCUhzIk33N3Q== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058CF59D34@MX14A.corp.emc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: [storm] Help: RDDP (iWARP) registry draft author needed X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2011 23:50:11 -0000 We've hit a last-minute issue with the MPA draft, and need someone to write another draft. The RDDP error codes are spread over multiple documents, and with the MPA draft (and the RDMAP extensions draft), we are also now spreading operation codes for individual protocol elements over multiple documents/drafts. We need to establish a set of IANA registries to record all of these codes, and the MPA draft will not be approved by the IESG until a draft that creates and populates these registries is sent to the IESG. IMHO, this is a reasonable position, and in 20/20 hindsight, this is partly my responsibility for letting this slide back when I was the RDDP WG chair. We have an urgent need for someone to write the Internet-Draft to establish and populate these registries. This is mostly a copy/paste exercise to pull all the definitions from the existing RFCs into one place plus add some instructions to IANA on what each registry entry needs to contain and how to add entries (publish a standards-track RFC). The draft author needs to be familiar with the RDDP (iWARP) protocols in order to correctly describe what the various codes do. This is an opportunity for the proverbial "15 minutes of fame." It would be ideal to get this done this month - the final draft cutoff for the Taipei meetings is October 31st, and having that registry draft in WG Last Call by then would be an aggressive (but achievable) goal. Who would like to volunteer (hint: before Tom and I start twisting some arms behind the scenes)??=20 Thanks, --David (storm WG chair) ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- From cbm@chadalapaka.com Mon Oct 10 11:39:47 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84F5D21F8C65 for ; Mon, 10 Oct 2011 11:39:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.002 X-Spam-Level: X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WNBAbJGBNRQI for ; Mon, 10 Oct 2011 11:39:46 -0700 (PDT) Received: from snt0-omc1-s13.snt0.hotmail.com (snt0-omc1-s13.snt0.hotmail.com [65.55.90.24]) by ietfa.amsl.com (Postfix) with ESMTP id 9036F21F8C19 for ; Mon, 10 Oct 2011 11:39:46 -0700 (PDT) Received: from SNT131-DS2 ([65.55.90.9]) by snt0-omc1-s13.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 10 Oct 2011 11:39:46 -0700 X-Originating-IP: [131.107.0.94] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: Date: Mon, 10 Oct 2011 11:39:44 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_05B1_01CC8741.4EE36090" X-Mailer: Microsoft Outlook 14.0 Thread-Index: AcyHe94FZEUv7+U5SFqYK2vwz++PxA== Content-Language: en-us X-OriginalArrivalTime: 10 Oct 2011 18:39:46.0125 (UTC) FILETIME=[FBBF57D0:01CC877B] Subject: [storm] Draft iSCSI Consolidated spec w/ Last Call resolutions X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Oct 2011 18:39:47 -0000 ------=_NextPart_000_05B1_01CC8741.4EE36090 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi everyone, I have just published a draft copy of the iSCSI Consolidated draft, addressing almost all feedback from the recently finished Last Call review comments. Here are the changes that went into this draft: . Required in section 4.2.7.1 that iSCSI Target Name must be the same as iSCSI Initiator Name for SCSI (composite) devices with both roles. . Clarified in section 10.2 that ACA is a SHOULD requirement only for iSCSI targets. . Fixed literally a couple of hundred broken cross-references . Made a few editorial updates throughout . Fixed the incorrect MUST requirement on target authentication, now back at MAY The document has change bars reflecting the above: http://www.chadalapaka.com/Documents/draft-ietf-storm-iscsi-cons-04.pdf The only two updates that I am waiting on at this point: - Updated text from David Black to keep up with IPSec version updates - Some security-related clarification text from Julian Satran Plus, there are a couple of pending editorial updates (e.g. acknowledgments). Please take a look at the draft, and let me know ASAP if your Last Call comment has not been addressed. Thanks! Mallikarjun ------=_NextPart_000_05B1_01CC8741.4EE36090 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi = everyone,

 

I have just published a draft copy of the iSCSI = Consolidated draft, addressing almost all feedback from the recently = finished Last Call review comments.  Here are the changes that went = into this draft:

 

·         = Required in section 4.2.7.1 that iSCSI = Target Name must be the same as iSCSI Initiator Name for SCSI = (composite) devices with both roles.

·         = Clarified in section 10.2 that ACA is a = SHOULD requirement only for iSCSI targets.

·         = Fixed literally a couple of hundred = broken cross-references

·         = Made a few editorial updates = throughout

·         = Fixed the incorrect MUST requirement on = target authentication, now back at MAY

 

The document = has change bars reflecting the above: http://www.chadalapaka.com/Documents/draft-ietf-storm-iscsi-cons-= 04.pdf

 

The only two updates that I am waiting on at this = point:

 

-          = Updated text from David Black to keep up with = IPSec version updates

-          = Some security-related clarification text from = Julian Satran

 

Plus, there are a couple of pending editorial updates = (e.g. acknowledgments).

 

Please take = a look at the draft, and let me know ASAP if your Last Call comment has = not been addressed.

 

Thanks!

 

Mallikarjun

 

------=_NextPart_000_05B1_01CC8741.4EE36090-- From david.black@emc.com Thu Oct 13 13:55:20 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAF3621F8B7E for ; Thu, 13 Oct 2011 13:55:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nshhU4qVRCpI for ; Thu, 13 Oct 2011 13:55:20 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 0D13021F8B72 for ; Thu, 13 Oct 2011 13:55:19 -0700 (PDT) Received: from hop04-l1d11-si02.isus.emc.com (HOP04-L1D11-SI02.isus.emc.com [10.254.111.55]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9DKtGUQ016309 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 13 Oct 2011 16:55:16 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.226]) by hop04-l1d11-si02.isus.emc.com (RSA Interceptor) for ; Thu, 13 Oct 2011 16:55:13 -0400 Received: from mxhub28.corp.emc.com (mxhub28.corp.emc.com [10.254.110.184]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9DKtCZ2001388 for ; Thu, 13 Oct 2011 16:55:13 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub28.corp.emc.com ([10.254.110.184]) with mapi; Thu, 13 Oct 2011 16:55:11 -0400 From: To: Date: Thu, 13 Oct 2011 16:55:08 -0400 Thread-Topic: iSCSI: New IPsec security requirements Thread-Index: AcyJ6mQoFp+xw5EqSIyyWmUKXyNgjQ== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058CFE6297@MX14A.corp.emc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-cr-puzzleid: {6A98D782-E062-4CCB-86DA-0ED381EE0F1D} x-cr-hashedpuzzle: A3YX Bb3X CBxj CKpY CaoJ CcaJ C6IY Dj7a EIwB EjQW E5DJ GJ7z G8jD Jb+2 LLnX MFf5; 1; cwB0AG8AcgBtAEAAaQBlAHQAZgAuAG8AcgBnAA==; Sosha1_v1; 7; {6A98D782-E062-4CCB-86DA-0ED381EE0F1D}; ZABhAHYAaQBkAC4AYgBsAGEAYwBrAEAAZQBtAGMALgBjAG8AbQA=; Thu, 13 Oct 2011 20:55:08 GMT; aQBTAEMAUwBJADoAIABOAGUAdwAgAEkAUABzAGUAYwAgAHMAZQBjAHUAcgBpAHQAeQAgAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA== acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: [storm] iSCSI: New IPsec security requirements X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Oct 2011 20:55:20 -0000 I've checked with the ipsecme WG and the responsible Security AD. The upshot is that there's still a lot of 2400-series RFC IPsec out there, = and hence the appropriate IPsec requirements for iSCSI are: - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). The MUST is for interoperability and to acknowledge what's out there; the S= HOULD is to encourage implementers to move forward.=20 Now I need to go write the actual text to go into the draft, and the main i= SCSI draft will have to update RFC 3723 as part of this. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- From cbm@chadalapaka.com Thu Oct 13 15:24:10 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A978E21F8BA6 for ; Thu, 13 Oct 2011 15:24:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.299 X-Spam-Level: X-Spam-Status: No, score=-1.299 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kF9ml+aP8jWz for ; Thu, 13 Oct 2011 15:24:10 -0700 (PDT) Received: from snt0-omc3-s24.snt0.hotmail.com (snt0-omc3-s24.snt0.hotmail.com [65.55.90.163]) by ietfa.amsl.com (Postfix) with ESMTP id 2B91521F8B84 for ; Thu, 13 Oct 2011 15:24:10 -0700 (PDT) Received: from SNT131-DS14 ([65.55.90.136]) by snt0-omc3-s24.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 13 Oct 2011 15:24:10 -0700 X-Originating-IP: [131.107.0.94] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: , References: <7C4DFCE962635144B8FAE8CA11D0BF1E058CFE6297@MX14A.corp.emc.com> In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058CFE6297@MX14A.corp.emc.com> Date: Thu, 13 Oct 2011 15:24:08 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQC5sW98KcfVaqXyRDrPoV0OUVJRPZegiZjg Content-Language: en-us X-OriginalArrivalTime: 13 Oct 2011 22:24:10.0377 (UTC) FILETIME=[D44E6790:01CC89F6] Subject: Re: [storm] iSCSI: New IPsec security requirements X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Oct 2011 22:24:10 -0000 Thanks for the follow-up David! That sounds reasonable to me. I will = wait for the new text to get it into the draft getting now ready for = submission (I have published a draft copy to the mailing list earlier this week). Mallikarjun -----Original Message----- From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf = Of david.black@emc.com Sent: Thursday, October 13, 2011 1:55 PM To: storm@ietf.org Subject: [storm] iSCSI: New IPsec security requirements I've checked with the ipsecme WG and the responsible Security AD. The upshot is that there's still a lot of 2400-series RFC IPsec out = there, and hence the appropriate IPsec requirements for iSCSI are: - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). The MUST is for interoperability and to acknowledge what's out there; = the SHOULD is to encourage implementers to move forward.=20 Now I need to go write the actual text to go into the draft, and the = main iSCSI draft will have to update RFC 3723 as part of this. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) = 293-7786 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm From internet-drafts@ietf.org Fri Oct 14 11:05:41 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1FD621F8C77; Fri, 14 Oct 2011 11:05:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.577 X-Spam-Level: X-Spam-Status: No, score=-102.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 035xa4cOBasD; Fri, 14 Oct 2011 11:05:40 -0700 (PDT) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93AC421F8BB9; Fri, 14 Oct 2011 11:05:40 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.60 Message-ID: <20111014180540.22997.26120.idtracker@ietfa.amsl.com> Date: Fri, 14 Oct 2011 11:05:40 -0700 Cc: storm@ietf.org Subject: [storm] I-D Action: draft-ietf-storm-iser-05.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Oct 2011 18:05:41 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the STORage Maintenance Working Group of = the IETF. Title : iSCSI Extensions for RDMA Specification Author(s) : Michael Ko Alexander Nezhinsky Filename : draft-ietf-storm-iser-05.txt Pages : 91 Date : 2011-10-14 iSCSI Extensions for RDMA provides the RDMA data transfer capability to iSCSI by layering iSCSI on top of an RDMA-Capable Protocol. An RDMA-Capable Protocol provides RDMA Read and Write services, which enable data to be transferred directly into SCSI I/O Buffers without intermediate data copies. This document describes the extensions to the iSCSI protocol to support RDMA services as provided by an RDMA- Capable Protocol. This document obsoletes RFC 5046. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt From Michael@huaweisymantec.com Fri Oct 14 11:12:39 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D1E821F8CB7 for ; Fri, 14 Oct 2011 11:12:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zyOdIJbIwwdb for ; Fri, 14 Oct 2011 11:12:38 -0700 (PDT) Received: from mta2.huaweisymantec.com (mta2.huaweisymantec.com [218.17.155.15]) by ietfa.amsl.com (Postfix) with ESMTP id 7929421F8C6B for ; Fri, 14 Oct 2011 11:12:38 -0700 (PDT) MIME-version: 1.0 Content-type: multipart/alternative; boundary="Boundary_(ID_d/3oTtIhWJtDgSw8wOXY6g)" Received: from hstml01-in.huaweisymantec.com ([172.26.3.42]) by hstga02-in.huaweisymantec.com (Sun Java(tm) System Messaging Server 6.3-8.03 (built Apr 24 2009; 32bit)) with ESMTP id <0LT200KK2IKZFB50@hstga02-in.huaweisymantec.com> for storm@ietf.org; Sat, 15 Oct 2011 02:12:36 +0800 (CST) Received: from m90003900a ([10.47.140.11]) by hstml01-in.huaweisymantec.com (Sun Java(tm) System Messaging Server 6.3-8.03 (built Apr 24 2009; 32bit)) with ESMTPA id <0LT200JLOIKVLH00@hstml01-in.huaweisymantec.com> for storm@ietf.org; Sat, 15 Oct 2011 02:12:35 +0800 (CST) Message-id: <8F45362E6B6C47A889E98E1FB53BD7FA@china.huawei.com> From: Michael Ko To: storm@ietf.org References: <20111014180540.22997.26120.idtracker@ietfa.amsl.com> Date: Fri, 14 Oct 2011 11:12:30 -0700 X-Priority: 3 X-MSMail-priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5931 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.6109 Subject: Re: [storm] I-D Action: draft-ietf-storm-iser-05.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Oct 2011 18:12:39 -0000 This is a multi-part message in MIME format. --Boundary_(ID_d/3oTtIhWJtDgSw8wOXY6g) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT There is only one change in this version. The default for MaxOutstandingUnexpectedPDUs has reverted back to its original value of '0' in RFC 5046 for backward compatibility reasons. A cautionary "SHOULD" has been added to recommend negotiating this key since the default value does not impose a bound on resources consumable by unexpected PDUs. Mike ----- Original Message ----- From: internet-drafts@ietf.org To: i-d-announce@ietf.org Cc: storm@ietf.org Sent: Friday, October 14, 2011 11:05 AM Subject: [storm] I-D Action: draft-ietf-storm-iser-05.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the STORage Maintenance Working Group of the IETF. Title : iSCSI Extensions for RDMA Specification Author(s) : Michael Ko Alexander Nezhinsky Filename : draft-ietf-storm-iser-05.txt Pages : 91 Date : 2011-10-14 iSCSI Extensions for RDMA provides the RDMA data transfer capability to iSCSI by layering iSCSI on top of an RDMA-Capable Protocol. An RDMA-Capable Protocol provides RDMA Read and Write services, which enable data to be transferred directly into SCSI I/O Buffers without intermediate data copies. This document describes the extensions to the iSCSI protocol to support RDMA services as provided by an RDMA- Capable Protocol. This document obsoletes RFC 5046. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm --Boundary_(ID_d/3oTtIhWJtDgSw8wOXY6g) Content-type: text/html; charset=iso-8859-1 Content-transfer-encoding: 7BIT
There is only one change in this version.  The default for MaxOutstandingUnexpectedPDUs has reverted back to its original value of '0' in RFC 5046 for backward compatibility reasons.  A cautionary "SHOULD" has been added to recommend negotiating this key since the default value does not impose a bound on resources consumable by unexpected PDUs.
 
Mike
----- Original Message -----
Sent: Friday, October 14, 2011 11:05 AM
Subject: [storm] I-D Action: draft-ietf-storm-iser-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the STORage Maintenance Working Group of the IETF.

Title           : iSCSI Extensions for RDMA Specification
Author(s)       : Michael Ko
                          Alexander Nezhinsky
Filename        : draft-ietf-storm-iser-05.txt
Pages           : 91
Date            : 2011-10-14

   iSCSI Extensions for RDMA provides the RDMA data transfer capability
   to iSCSI by layering iSCSI on top of an RDMA-Capable Protocol.  An
   RDMA-Capable Protocol provides RDMA Read and Write services, which
   enable data to be transferred directly into SCSI I/O Buffers without
   intermediate data copies.  This document describes the extensions to
   the iSCSI protocol to support RDMA services as provided by an RDMA-
   Capable Protocol.

   This document obsoletes RFC 5046.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-iser-05.txt
_______________________________________________
storm mailing list
storm@ietf.org
https://www.ietf.org/mailman/listinfo/storm
--Boundary_(ID_d/3oTtIhWJtDgSw8wOXY6g)-- From david.black@emc.com Wed Oct 19 08:09:14 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE60921F8C6A for ; Wed, 19 Oct 2011 08:09:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -105.232 X-Spam-Level: X-Spam-Status: No, score=-105.232 tagged_above=-999 required=5 tests=[AWL=1.367, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LAQEraIzWFem for ; Wed, 19 Oct 2011 08:09:13 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 2847F21F8C69 for ; Wed, 19 Oct 2011 08:09:12 -0700 (PDT) Received: from hop04-l1d11-si04.isus.emc.com (HOP04-L1D11-SI04.isus.emc.com [10.254.111.24]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9JF9AiC022639 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 19 Oct 2011 11:09:11 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.221.251]) by hop04-l1d11-si04.isus.emc.com (RSA Interceptor) for ; Wed, 19 Oct 2011 11:08:58 -0400 Received: from mxhub14.corp.emc.com (mxhub14.corp.emc.com [128.221.56.103]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9JF8uvK011467 for ; Wed, 19 Oct 2011 11:08:56 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub14.corp.emc.com ([128.221.56.103]) with mapi; Wed, 19 Oct 2011 11:08:56 -0400 From: To: Date: Wed, 19 Oct 2011 11:08:54 -0400 Thread-Topic: RDDP registries draft (and MPA peer connect draft) status Thread-Index: AcyOcQR9oRpaUusFSie+zqQvGZmtbg== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073893@MX14A.corp.emc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/mixed; boundary="_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073893MX14Acorpemcc_" MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: [storm] RDDP registries draft (and MPA peer connect draft) status X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Oct 2011 15:09:14 -0000 --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073893MX14Acorpemcc_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable The draft to establish the RDDP registries has been submitted, and should b= e posted soon. I'm attaching a copy because the draft submission is curren= tly held up by some sort of -00 approval process misfire in the IETF datatr= acker. Many thanks to Mike Ko for doing the grunt work of copying all the values o= ut of the existing RFCs on short notice - that probably saved about a month= in getting the MPA peer connect draft approved and published. The plan for the MPA peer connect draft is that a -08 version that responds= to the IETF Last Call and IESG Evaluation comments should be submitted lat= er this week. That version will normatively reference the RDDP registries = draft, so the expectation is that IESG approval for the -08 MPA peer connec= t draft will happen fairly quickly, but the RFC Editor will hold that draft= (wait for Missing Reference) until the RDDP registries draft arrives. The plan for the RDDP registries draft is that a storm WG Last Call will st= art almost immediately when the -00 version is posted. That WG LC will run= past the draft cutoff for Taipei, hence the most likely result is that a s= lightly revised version will be submitted get sent to our AD during the Tai= pei meeting week (Nov 13-19). Thanks, --David (storm WG co-chair) ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073893MX14Acorpemcc_ Content-Type: text/plain; name="draft-ietf-storm-rddp-registries-00.txt" Content-Description: draft-ietf-storm-rddp-registries-00.txt Content-Disposition: attachment; filename="draft-ietf-storm-rddp-registries-00.txt"; size=16860; creation-date="Tue, 18 Oct 2011 20:20:54 GMT"; modification-date="Wed, 19 Oct 2011 09:40:19 GMT" Content-Transfer-Encoding: base64 U3RvcmFnZSBNYWludGVuYW5jZSAoc3Rvcm0pIFdvcmtpbmcgR3JvdXAgICAgICAgICAgICAgICAg ICAgIE1pY2hhZWwgS28NCkludGVybmV0IERyYWZ0ICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgSHVhd2VpIFN5bWFudGVjDQpJbnRlbmRlZCBzdGF0dXM6IFByb3Bvc2Vk IFN0YW5kYXJkICAgICAgICAgICAgICAgICAgICAgICBEYXZpZCBMLiBCbGFjaw0KRXhwaXJlczog QXByaWwgMjAxMiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICBFTUMNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICBPY3RvYmVyIDE4LCAyMDExDQoNCg0KDQogICAgICAgICAgICAgICAgICAgICAgICAgSUFO QSBSZWdpc3RyaWVzIGZvciB0aGUgUkREUA0KICAgICAgICAgICAgICAgICAgIChSZW1vdGUgRGly ZWN0IERhdGEgUGxhY2VtZW50KSBQcm90b2NvbHMNCiAgICAgICAgICAgICAgICAgICBkcmFmdC1p ZXRmLXN0b3JtLXJkZHAtcmVnaXN0cmllcy0wMC50eHQNCg0KU3RhdHVzIG9mIHRoaXMgTWVtbw0K DQogICBUaGlzIEludGVybmV0LURyYWZ0IGlzIHN1Ym1pdHRlZCB0byBJRVRGIGluIGZ1bGwgY29u Zm9ybWFuY2Ugd2l0aA0KICAgdGhlIHByb3Zpc2lvbnMgb2YgQkNQIDc4IGFuZCBCQ1AgNzkuDQoN CiAgIEludGVybmV0LURyYWZ0cyBhcmUgd29ya2luZyBkb2N1bWVudHMgb2YgdGhlIEludGVybmV0 IEVuZ2luZWVyaW5nDQogICBUYXNrIEZvcmNlIChJRVRGKSwgaXRzIGFyZWFzLCBhbmQgaXRzIHdv cmtpbmcgZ3JvdXBzLiAgTm90ZSB0aGF0DQogICBvdGhlciBncm91cHMgbWF5IGFsc28gZGlzdHJp YnV0ZSB3b3JraW5nIGRvY3VtZW50cyBhcw0KICAgSW50ZXJuZXQtRHJhZnRzLg0KDQogICBJbnRl cm5ldC1EcmFmdHMgYXJlIGRyYWZ0IGRvY3VtZW50cyB2YWxpZCBmb3IgYSBtYXhpbXVtIG9mIHNp eA0KICAgbW9udGhzIGFuZCBtYXkgYmUgdXBkYXRlZCwgcmVwbGFjZWQsIG9yIG9ic29sZXRlZCBi eSBvdGhlcg0KICAgZG9jdW1lbnRzIGF0IGFueSB0aW1lLiAgSXQgaXMgaW5hcHByb3ByaWF0ZSB0 byB1c2UgSW50ZXJuZXQtRHJhZnRzDQogICBhcyByZWZlcmVuY2UgbWF0ZXJpYWwgb3IgdG8gY2l0 ZSB0aGVtIG90aGVyIHRoYW4gYXMgIndvcmsgaW4NCiAgIHByb2dyZXNzLiINCg0KICAgVGhlIGxp c3Qgb2YgY3VycmVudCBJbnRlcm5ldC1EcmFmdHMgY2FuIGJlIGFjY2Vzc2VkIGF0DQogICBodHRw Oi8vd3d3LmlldGYub3JnLzFpZC1hYnN0cmFjdHMuaHRtbC4NCg0KICAgVGhlIGxpc3Qgb2YgSW50 ZXJuZXQtRHJhZnQgU2hhZG93IERpcmVjdG9yaWVzIGNhbiBiZSBhY2Nlc3NlZCBhdA0KICAgaHR0 cDovL3d3dy5pZXRmLm9yZy9zaGFkb3cuaHRtbC4NCg0KICAgVGhpcyBJbnRlcm5ldC1EcmFmdCB3 aWxsIGV4cGlyZSBvbiBBcHJpbCwgMjAxMi4NCg0KQWJzdHJhY3QNCg0KICAgVGhlIG9yaWdpbmFs IFJGQ3MgdGhhdCBzcGVjaWZpZWQgdGhlIFJERFAgcHJvdG9jb2wgc3VpdGUgZGlkIG5vdA0KICAg Y3JlYXRlIElBTkEgcmVnaXN0cmllcyBmb3IgUkREUCBlcnJvciBjb2Rlcywgb3BlcmF0aW9uIGNv ZGVzIGFuZA0KICAgZnVuY3Rpb24gY29kZXMuICBFeHRlbnNpb25zIHRvIHRoZSBSRERQIHByb3Rv Y29scyBub3cgcmVxdWlyZQ0KICAgdGhlc2UgcmVnaXN0cmllcyB0byBiZSBjcmVhdGVkLiAgVGhp cyBtZW1vIGNyZWF0ZXMgdGhlIFJERFANCiAgIHJlZ2lzdHJpZXMsIHBvcHVsYXRlcyB0aGVtIHdp dGggdmFsdWVzIGRlZmluZWQgaW4gdGhlIG9yaWdpbmFsDQogICBSRERQIFJGQ3MsIGFuZCBwcm92 aWRlcyBndWlkYW5jZSB0byBJQU5BIGZvciBmdXR1cmUgYXNzaWdubWVudA0KICAgb2YgY29kZSBw b2ludHMgd2l0aGluIHRoZXNlIHJlZ2lzdHJpZXMuDQoNCg0KDQoNCg0KDQpLbyBhbmQgQmxhY2sg ICAgICAgICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAgICAgICAgICAgIFtQYWdlIDFd DQoMDQpJbnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVyYXRpb25zIGZvciBSRERQICAg ICAgICBPY3RvYmVyIDIwMTENCg0KICAgVGFibGUgb2YgQ29udGVudHMNCg0KICAgMS4gICBJbnRy b2R1Y3Rpb24gLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u Mg0KICAgMS4xICBDb252ZW50aW9ucyAuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u Li4uLi4uLi4uLi4uLi4uMg0KICAgMi4gICBTZWN1cml0eSBDb25zaWRlcmF0aW9ucyAuLi4uLi4u Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uMg0KICAgMy4gICBJQU5BIENvbnNpZGVyYXRp b25zIC4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uMg0KICAgMy4xICBS RE1BUCBFcnJvcnMgLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u Li4uMw0KICAgMy4yICBERFAgRXJyb3JzIC4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u Li4uLi4uLi4uLi4uLi4uLi4uNQ0KICAgMy4zICBNUEEgRXJyb3JzIC4uLi4uLi4uLi4uLi4uLi4u Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uNw0KICAgMy40ICBSRE1BUCBNZXNzYWdl IE9wZXJhdGlvbiBDb2RlcyAuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uOA0KICAgMy41 ICBTQ1RQIEZ1bmN0aW9uIENvZGVzIGZvciBERFAgU3RyZWFtIFNlc3Npb24gQ29udHJvbCAuLi4u Li4uLi4uOQ0KICAgNC4gICBOb3JtYXRpdmUgUmVmZXJlbmNlcyAuLi4uLi4uLi4uLi4uLi4uLi4u Li4uLi4uLi4uLi4uLi4uLi4uLi4xMA0KICAgNS4gICBJbmZvcm1hdGl2ZSBSZWZlcmVuY2VzIC4u Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4xMA0KICAgNi4gICBBY2tub3dsZWRn bWVudHMgLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4xMA0KDQoN CjEuIEludHJvZHVjdGlvbg0KDQogICBUaGUgb3JpZ2luYWwgUkZDcyB0aGF0IHNwZWNpZmllZCB0 aGUgUkREUCBwcm90b2NvbCBzdWl0ZQ0KICAgW1JGQzUwNDBdW1JGQzUwNDFdW1JGQzUwNDNdW1JG QzUwNDRdIGRpZCBub3QgY3JlYXRlIElBTkEgcmVnaXN0cmllcy4NCiAgIEV4dGVuc2lvbnMgdG8g dGhlIFJERFAgcHJvdG9jb2xzIFtNUEEtUEVFUl1bUkRNQVAtRVhUXSBub3cgcmVxdWlyZXMNCiAg IGNyZWF0aW9uIGFuZCB1c2Ugb2YgSUFOQSByZWdpc3RyaWVzLiAgVGhpcyBtZW1vIGNyZWF0ZXMg dGhlIFJERFAtDQogICByZWxhdGVkIElBTkEgcmVnaXN0cmllcywgc3BlY2lmaWVzIHRoZWlyIGlu aXRpYWwgY29udGVudHMgYmFzZWQgb24NCiAgIHRoZSB2YWx1ZXMgZGVmaW5lZCBpbiB0aGUgb3Jp Z2luYWwgUkREUCBSRkNzLCBhbmQgcHJvdmlkZXMgZ3VpZGFuY2UNCiAgIHRvIElBTkEgZm9yIGZ1 dHVyZSBhc3NpZ25tZW50cyBmcm9tIHRoZXNlIHJlZ2lzdHJpZXMuDQoNCjEuMSAgQ29udmVudGlv bnMNCg0KICAgVGhlIGtleSB3b3JkcyAiTVVTVCIsICJNVVNUIE5PVCIsICJSRVFVSVJFRCIsICJT SEFMTCIsICJTSEFMTCBOT1QiLA0KICAgIlNIT1VMRCIsICJTSE9VTEQgTk9UIiwgIlJFQ09NTUVO REVEIiwgIk1BWSIsIGFuZCAiT1BUSU9OQUwiIGluIHRoaXMNCiAgIGRvY3VtZW50IGFyZSB0byBi ZSBpbnRlcnByZXRlZCBhcyBkZXNjcmliZWQgaW4gUkZDIDIxMTkgW1JGQzIxMTldLg0KDQoyLiBT ZWN1cml0eSBDb25zaWRlcmF0aW9ucw0KDQogICBTaW5jZSB0aGlzIGRvY3VtZW50IGlzIG9ubHkg Y29uY2VybmVkIHdpdGggY3JlYXRpb24gYW5kIElBTkENCiAgIG1hbmFnZW1lbnQgb2YgUkREUCBy ZWdpc3RyaWVzLCBpdCByYWlzZXMgbm8gbmV3IHNlY3VyaXR5IGlzc3Vlcy4NCg0KMy4gSUFOQSBD b25zaWRlcmF0aW9ucw0KDQogICBUaGlzIG1lbW8gY3JlYXRlcyB0aGUgZm9sbG93aW5nIFJERFAg cmVnaXN0cmllcyBmb3IgSUFOQSB0byBtYW5hZ2U6DQoNCiAgICAgbyBSRE1BUCBFcnJvcnMgKFNl Y3Rpb24gMy4xKQ0KICAgICBvIEREUCBFcnJvcnMgKFNlY3Rpb24gMy4yKQ0KICAgICBvIE1QQSBF cnJvcnMgKFNlY3Rpb24gMy4zKQ0KICAgICBvIFJETUFQIE1lc3NhZ2UgT3BlcmF0aW9uIENvZGVz IChTZWN0aW9uIDMuNCkNCiAgICAgbyBTQ1RQIEZ1bmN0aW9uIENvZGVzIGZvciBERFAgU3RyZWFt IFNlc3Npb24gQ29udHJvbCAoU2VjdGlvbiAzLjUpDQoNCg0KDQpLbyBhbmQgQmxhY2sgICAgICAg ICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAgICAgICAgICAgIFtQYWdlIDJdDQoMDQpJ bnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVyYXRpb25zIGZvciBSRERQICAgICAgICBP Y3RvYmVyIDIwMTENCg0KICAgRWFjaCBvZiB0aGUgZm9sbG93aW5nIHNlY3Rpb25zIHNwZWNpZmll cyBhIHJlZ2lzdHJ5LCBpdHMgaW5pdGlhbA0KICAgY29udGVudHMgYW5kIHRoZSBhZG1pbmlzdHJh dGlvbiBwb2xpY3kgaW4gbW9yZSBkZXRhaWwuDQoNCjMuMSAgUkRNQVAgRXJyb3JzDQoNCiAgIE5h bWUgb2YgdGhlIHJlZ2lzdHJ5OiAiUkRNQVAgRXJyb3JzIg0KDQogICBOYW1lc3BhY2UgZGV0YWls czogQW4gUkRNQVAgKFJlbW90ZSBEaXJlY3QgTWVtb3J5IEFjY2VzcyBQcm90b2NvbCkNCiAgIGVy cm9yIGlzIGEgMTYgYml0IGZpZWxkIGRpdmlkZWQgaW50byB0aHJlZSBzdWJmaWVsZHMgW1JGQzUw NDBdOg0KICAgICAgbyA0LWJpdCBMYXllciwgTVVTVCBiZSAweDAgZm9yIFJETUFQIGVycm9ycw0K ICAgICAgbyA0LWJpdCBFcnJvciBUeXBlDQogICAgICBvIDgtYml0IEVycm9yIENvZGUNCiAgIFRo ZSBFcnJvciBDb2RlIGZpZWxkIGlzIE9QVElPTkFMIGZvciB0aGlzIHJlZ2lzdHJ5LCBhcyBFcnJv ciBDb2Rlcw0KICAgYXJlIG5vdCB1c2VkIHdpdGggYWxsIFJETUFQIEVycm9yIFR5cGVzLiAgQW55 IDgtYml0IHZhbHVlIE1BWSBiZQ0KICAgdXNlZCBhcyB0aGUgRXJyb3IgQ29kZSB3aGVuIHRoZSBF cnJvciBDb2RlIGZpZWxkIGlzIG9taXR0ZWQgZnJvbSB0aGUNCiAgIGNvcnJlc3BvbmRpbmcgcmVn aXN0cnkgZW50cnksIGFzIHRoZSBMYXllciBhbmQgRXJyb3IgVHlwZSB2YWx1ZXMgYXJlDQogICBz dWZmaWNpZW50IHRvIHNwZWNpZnkgdGhlIGVycm9yLiAgRm9yIHRoaXMgcmVhc29uLCBpZiBhbiBS RE1BUCBFcnJvcg0KICAgVHlwZSBpcyByZWdpc3RlcmVkIHdpdGhvdXQgYW4gRXJyb3IgQ29kZSwg SUFOQSBNVVNUIE5PVCBhZGQgYW4gZW50cnkNCiAgIHRvIHRoaXMgcmVnaXN0cnkgd2l0aCBhbiBF cnJvciBDb2RlIGZvciB0aGUgc2FtZSBFcnJvciBUeXBlLg0KDQogICBJbmZvcm1hdGlvbiB0aGF0 IG11c3QgYmUgcHJvdmlkZWQgdG8gYXNzaWduIGEgbmV3IHZhbHVlOiBBbiBJRVNHLQ0KICAgYXBw cm92ZWQgc3RhbmRhcmRzLXRyYWNrIHNwZWNpZmljYXRpb24gZGVmaW5pbmcgdGhlIHNlbWFudGlj cyBhbmQNCiAgIGludGVyb3BlcmFiaWxpdHkgcmVxdWlyZW1lbnRzIG9mIHRoZSBwcm9wb3NlZCBu ZXcgdmFsdWUgYW5kIHRoZQ0KICAgZmllbGRzIHRvIGJlIHJlY29yZGVkIGluIHRoZSByZWdpc3Ry eS4NCg0KICAgQXNzaWdubWVudCBwb2xpY3k6IElmIHRoZSByZXF1ZXN0ZWQgdmFsdWUgaXMgbm90 IGFscmVhZHkgYXNzaWduZWQsDQogICBpdCBtYXkgYmUgYXNzaWduZWQgdG8gdGhlIHJlcXVlc3Rl ci4NCg0KICAgRmllbGRzIHRvIHJlY29yZCBpbiB0aGUgcmVnaXN0cnk6IExheWVyL0Vycm9yLVR5 cGUvRXJyb3ItQ29kZSwNCiAgIEVycm9yLVR5cGUtTmFtZS9FcnJvci1Db2RlLU5hbWUsIFJGQyBS ZWZlcmVuY2UuICBUaGUgRXJyb3ItQ29kZQ0KICAgYW5kIEVycm9yLUNvZGUtTmFtZSBhcmUgb21p dHRlZCBmb3IgRXJyb3ItVHlwZXMgdGhhdCBkbyBub3QgaGF2ZQ0KICAgRXJyb3ItQ29kZXMuDQoN CiAgIEluaXRpYWwgcmVnaXN0cnkgY29udGVudHM6DQoNCiAgIDB4MC8weDAsIExvY2FsIENhdGFz dHJvcGhpYyBFcnJvciwgW1JGQzUwNDBdDQoNCiAgIDB4MC8weDEvMHgwMCwgUmVtb3RlIFByb3Rl Y3Rpb24gRXJyb3IgLyBJbnZhbGlkIFN0ZWVyaW5nIFRhZywNCiAgIFtSRkM1MDQwXQ0KDQogICAw eDAvMHgxLzB4MDEsIFJlbW90ZSBQcm90ZWN0aW9uIEVycm9yIC8gQmFzZSBvciBib3VuZHMgdmlv bGF0aW9uLA0KICAgW1JGQzUwNDBdDQoNCiAgIDB4MC8weDEvMHgwMiwgUmVtb3RlIFByb3RlY3Rp b24gRXJyb3IgLyBBY2Nlc3MgcmlnaHRzIHZpb2xhdGlvbiwNCiAgIFtSRkM1MDQwXQ0KDQoNCg0K DQpLbyBhbmQgQmxhY2sgICAgICAgICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAgICAg ICAgICAgIFtQYWdlIDNdDQoMDQpJbnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVyYXRp b25zIGZvciBSRERQICAgICAgICBPY3RvYmVyIDIwMTENCg0KICAgMHgwLzB4MS8weDAzLCBSZW1v dGUgUHJvdGVjdGlvbiBFcnJvciAvIFN0ZWVyaW5nIFRhZyBub3QgYXNzb2NpYXRlZA0KICAgd2l0 aCBSRE1BUCBTdHJlYW0sIFtSRkM1MDQwXQ0KDQogICAweDAvMHgxLzB4MDQsIFJlbW90ZSBQcm90 ZWN0aW9uIEVycm9yIC8gVGFnZ2VkIE9mZnNldCB3cmFwLA0KICAgW1JGQzUwNDBdDQoNCiAgIDB4 MC8weDEvMHgwOSwgUmVtb3RlIFByb3RlY3Rpb24gRXJyb3IgLyBTdGVlcmluZyBUYWcgY2Fubm90 IGJlDQogICBpbnZhbGlkYXRlZCwgW1JGQzUwNDBdDQoNCiAgIDB4MC8weDEvMHhmZiwgUmVtb3Rl IFByb3RlY3Rpb24gRXJyb3IgLyBVbnNwZWNpZmllZCBFcnJvciwNCiAgIFtSRkM1MDQwXQ0KDQog ICAweDAvMHgyLzB4MDUsIFJlbW90ZSBPcGVyYXRpb24gRXJyb3IgLyBJbnZhbGlkIFJETUFQIHZl cnNpb24sDQogICBbUkZDNTA0MF0NCg0KICAgMHgwLzB4Mi8weDA2LCBSZW1vdGUgT3BlcmF0aW9u IEVycm9yIC8gVW5leHBlY3RlZCBPcENvZGUsDQogICBbUkZDNTA0MF0NCg0KICAgMHgwLzB4Mi8w eDA3LCBSZW1vdGUgT3BlcmF0aW9uIEVycm9yIC8gQ2F0YXN0cm9waGljIGVycm9yLA0KICAgbG9j YWxpemVkIHRvIFJETUFQIFN0cmVhbSwgW1JGQzUwNDBdDQoNCiAgIDB4MC8weDIvMHgwOCwgUmVt b3RlIE9wZXJhdGlvbiBFcnJvciAvIENhdGFzdHJvcGhpYyBlcnJvciwgZ2xvYmFsLA0KICAgW1JG QzUwNDBdDQoNCiAgIDB4MC8weDIvMHgwOSwgUmVtb3RlIE9wZXJhdGlvbiBFcnJvciAvIFN0ZWVy aW5nIFRhZyBjYW5ub3QgYmUNCiAgIEludmFsaWRhdGVkLCBbUkZDNTA0MF0NCg0KICAgMHgwLzB4 Mi8weGZmLCBSZW1vdGUgT3BlcmF0aW9uIEVycm9yIC8gVW5zcGVjaWZpZWQgRXJyb3IsIFtSRkM1 MDQwXQ0KDQogICBBbGwgY29tYmluYXRpb25zIG5vdCBsaXN0ZWQgYWJvdmUgdGhhdCBjb21iaW5l IDB4MCBhcyB0aGUgTGF5ZXIgd2l0aA0KICAgYW4gRXJyb3IgVHlwZSBhbmQgRXJyb3IgQ29kZSBh cmUgVW5hc3NpZ25lZCBhbmQgYXZhaWxhYmxlIHRvIElBTkENCiAgIGZvciBhc3NpZ25tZW50Lg0K DQogICBBbGxvY2F0aW9uIFBvbGljeTogU3RhbmRhcmRzIEFjdGlvbiAoW1JGQzUyMjZdKQ0KDQoN Cg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KS28gYW5kIEJsYWNrICAgICAgICAgICAgICBFeHBp cmVzIEFwcmlsIDIwMTIgICAgICAgICAgICAgICAgICBbUGFnZSA0XQ0KDA0KSW50ZXJuZXQtRHJh ZnQgICAgICAgSUFOQSBDb25zaWRlcmF0aW9ucyBmb3IgUkREUCAgICAgICAgT2N0b2JlciAyMDEx DQoNCjMuMiAgRERQIEVycm9ycw0KDQogICBOYW1lIG9mIHRoZSByZWdpc3RyeTogIkREUCBFcnJv cnMiDQoNCiAgIE5hbWVzcGFjZSBkZXRhaWxzOiBBIEREUCAoRGlyZWN0IERhdGEgUGxhY2VtZW50 KSBlcnJvciBpcyBhIDE2IGJpdA0KICAgZmllbGQgZGl2aWRlZCBpbnRvIHRocmVlIHN1YmZpZWxk cyBbUkZDNTA0MV06DQogICAgICBvIDQtYml0IExheWVyLCBNVVNUIGJlIDB4MSBmb3IgRERQIGVy cm9ycw0KICAgICAgbyA0LWJpdCBFcnJvciBUeXBlDQogICAgICBvIDgtYml0IEVycm9yIENvZGUN CiAgIFRoZSBFcnJvciBDb2RlIGZpZWxkIGlzIFJFUVVJUkVEIGZvciB0aGlzIHJlZ2lzdHJ5Lg0K DQogICBJbmZvcm1hdGlvbiB0aGF0IG11c3QgYmUgcHJvdmlkZWQgdG8gYXNzaWduIGEgbmV3IHZh bHVlOiBBbiBJRVNHLQ0KICAgYXBwcm92ZWQgc3RhbmRhcmRzLXRyYWNrIHNwZWNpZmljYXRpb24g ZGVmaW5pbmcgdGhlIHNlbWFudGljcyBhbmQNCiAgIGludGVyb3BlcmFiaWxpdHkgcmVxdWlyZW1l bnRzIG9mIHRoZSBwcm9wb3NlZCBuZXcgdmFsdWUgYW5kIHRoZQ0KICAgZmllbGRzIHRvIGJlIHJl Y29yZGVkIGluIHRoZSByZWdpc3RyeS4NCg0KICAgQXNzaWdubWVudCBwb2xpY3k6IElmIHRoZSBy ZXF1ZXN0ZWQgdmFsdWUgaXMgbm90IGFscmVhZHkgYXNzaWduZWQsDQogICBpdCBtYXkgYmUgYXNz aWduZWQgdG8gdGhlIHJlcXVlc3Rlci4NCg0KICAgRmllbGRzIHRvIHJlY29yZCBpbiB0aGUgcmVn aXN0cnk6IExheWVyL0Vycm9yLVR5cGUvRXJyb3ItQ29kZSwNCiAgIEVycm9yLVR5cGUtTmFtZS9F cnJvci1Db2RlLU5hbWUsIFJGQyBSZWZlcmVuY2UuDQoNCiAgIEluaXRpYWwgcmVnaXN0cnkgY29u dGVudHM6DQoNCiAgIDB4MS8weDAvMHgwMCwgTG9jYWwgQ2F0YXN0cm9waGljLCBbUkZDNTA0MV0N Cg0KICAgMHgxLzB4MS8weDAwLCBUYWdnZWQgQnVmZmVyIEVycm9yIC8gSW52YWxpZCBTdGVlcmlu ZyBUYWcsIFtSRkM1MDQxXQ0KDQogICAweDEvMHgxLzB4MDEsIFRhZ2dlZCBCdWZmZXIgRXJyb3Ig LyBCYXNlIG9yIGJvdW5kcyB2aW9sYXRpb24sDQogICBbUkZDNTA0MV0NCg0KICAgMHgxLzB4MS8w eDAyLCBUYWdnZWQgQnVmZmVyIEVycm9yIC8gU3RlZXJpbmcgVGFnIG5vdCBhc3NvY2lhdGVkIHdp dGgNCiAgIEREUCBTdHJlYW0sIFtSRkM1MDQxXQ0KDQogICAweDEvMHgxLzB4MDMsIFRhZ2dlZCBC dWZmZXIgRXJyb3IgLyBUYWdnZWQgT2Zmc2V0IHdyYXAsIFtSRkM1MDQxXQ0KDQogICAweDEvMHgx LzB4MDQsIFRhZ2dlZCBCdWZmZXIgRXJyb3IgLyBJbnZhbGlkIEREUCB2ZXJzaW9uLCBbUkZDNTA0 MV0NCg0KICAgMHgxLzB4Mi8weDAxLCBVbnRhZ2dlZCBCdWZmZXIgRXJyb3IgLyBJbnZhbGlkIFF1 ZXVlIE51bWJlciwNCiAgIFtSRkM1MDQxXQ0KDQogICAweDEvMHgyLzB4MDIsIFVudGFnZ2VkIEJ1 ZmZlciBFcnJvciAvIEludmFsaWQgTWVzc2FnZSBTZXF1ZW5jZQ0KICAgTnVtYmVyIC0gbm8gYnVm ZmVyIGF2YWlsYWJsZSwgW1JGQzUwNDFdDQoNCiAgIDB4MS8weDIvMHgwMywgVW50YWdnZWQgQnVm ZmVyIEVycm9yIC8gSW52YWxpZCBNZXNzYWdlIFNlcXVlbmNlDQogICBOdW1iZXIgLSBNZXNzYWdl IFNlcXVlbmNlIE51bWJlciByYW5nZSBpcyBub3QgdmFsaWQsIFtSRkM1MDQxXQ0KDQoNCg0KS28g YW5kIEJsYWNrICAgICAgICAgICAgICBFeHBpcmVzIEFwcmlsIDIwMTIgICAgICAgICAgICAgICAg ICBbUGFnZSA1XQ0KDA0KSW50ZXJuZXQtRHJhZnQgICAgICAgSUFOQSBDb25zaWRlcmF0aW9ucyBm b3IgUkREUCAgICAgICAgT2N0b2JlciAyMDExDQoNCiAgIDB4MS8weDIvMHgwNCwgVW50YWdnZWQg QnVmZmVyIEVycm9yIC8gSW52YWxpZCBNZXNzYWdlIE9mZnNldCwNCiAgIFtSRkM1MDQxXQ0KDQog ICAweDEvMHgyLzB4MDUsIFVudGFnZ2VkIEJ1ZmZlciBFcnJvciAvIEREUCBNZXNzYWdlIHRvbyBs b25nIGZvcg0KICAgYXZhaWxhYmxlIGJ1ZmZlciwgW1JGQzUwNDFdDQoNCiAgIDB4MS8weDIvMHgw NiwgVW50YWdnZWQgQnVmZmVyIEVycm9yIC8gSW52YWxpZCBERFAgdmVyc2lvbiwNCiAgIFtSRkM1 MDQxXQ0KDQogICAweDEvMHgzLCBSZXNlcnZlZCBmb3IgdXNlIGJ5IExvd2VyIExheWVyIFByb3Rv Y29sLCBbUkZDNTA0MV0NCg0KICAgQWxsIGNvbWJpbmF0aW9ucyBub3QgbGlzdGVkIGFib3ZlIHRo YXQgY29tYmluZSAweDEgYXMgdGhlIExheWVyIHdpdGgNCiAgIGFuIEVycm9yIFR5cGUgYW5kIEVy cm9yIENvZGUgYXJlIFVuYXNzaWduZWQgYW5kIGF2YWlsYWJsZSB0byBJQU5BDQogICBmb3IgYXNz aWdubWVudC4NCg0KICAgQWxsb2NhdGlvbiBQb2xpY3k6IFN0YW5kYXJkcyBBY3Rpb24gKFtSRkM1 MjI2XSkNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0K DQoNCg0KDQoNCg0KDQoNCktvIGFuZCBCbGFjayAgICAgICAgICAgICAgRXhwaXJlcyBBcHJpbCAy MDEyICAgICAgICAgICAgICAgICAgW1BhZ2UgNl0NCgwNCkludGVybmV0LURyYWZ0ICAgICAgIElB TkEgQ29uc2lkZXJhdGlvbnMgZm9yIFJERFAgICAgICAgIE9jdG9iZXIgMjAxMQ0KDQozLjMgIE1Q QSBFcnJvcnMNCg0KICAgTmFtZSBvZiB0aGUgcmVnaXN0cnk6ICJNUEEgRXJyb3JzIg0KDQogICBO YW1lc3BhY2UgZGV0YWlsczogQW4gTVBBIChNYXJrZXIgUERVIEFsaWduZWQgRnJhbWluZyBmb3Ig VENQKSBlcnJvcg0KICAgaXMgYSAxNiBiaXQgZmllbGQgZGl2aWRlZCBpbnRvIHRocmVlIHN1YmZp ZWxkcyBbUkZDNTA0NF06DQogICAgICBvIDQtYml0IExheWVyLCBNVVNUIGJlIDB4MiBmb3IgTVBB IGVycm9ycw0KICAgICAgbyA0LWJpdCBFcnJvciBUeXBlDQogICAgICBvIDgtYml0IEVycm9yIENv ZGUNCiAgIFRoZSBFcnJvciBDb2RlIGZpZWxkIGlzIFJFUVVJUkVEIGZvciB0aGlzIHJlZ2lzdHJ5 Lg0KDQogICBJbmZvcm1hdGlvbiB0aGF0IG11c3QgYmUgcHJvdmlkZWQgdG8gYXNzaWduIGEgbmV3 IHZhbHVlOiBBbiBJRVNHLQ0KICAgYXBwcm92ZWQgc3RhbmRhcmRzLXRyYWNrIHNwZWNpZmljYXRp b24gZGVmaW5pbmcgdGhlIHNlbWFudGljcyBhbmQNCiAgIGludGVyb3BlcmFiaWxpdHkgcmVxdWly ZW1lbnRzIG9mIHRoZSBwcm9wb3NlZCBuZXcgdmFsdWUgYW5kIHRoZQ0KICAgZmllbGRzIHRvIGJl IHJlY29yZGVkIGluIHRoZSByZWdpc3RyeS4NCg0KICAgQXNzaWdubWVudCBwb2xpY3k6IElmIHRo ZSByZXF1ZXN0ZWQgdmFsdWUgaXMgbm90IGFscmVhZHkgYXNzaWduZWQsDQogICBpdCBtYXkgYmUg YXNzaWduZWQgdG8gdGhlIHJlcXVlc3Rlci4NCg0KICAgRmllbGRzIHRvIHJlY29yZCBpbiB0aGUg cmVnaXN0cnk6IExheWVyL0Vycm9yLVR5cGUvRXJyb3ItQ29kZSwNCiAgIEVycm9yLVR5cGUtTmFt ZS9FcnJvci1Db2RlLU5hbWUsIFJGQyBSZWZlcmVuY2UuDQoNCiAgIEluaXRpYWwgcmVnaXN0cnkg Y29udGVudHM6DQoNCiAgIDB4Mi8weDAvMHgwMSwgTVBBIEVycm9yIC8gVENQIGNvbm5lY3Rpb24g Y2xvc2VkLCB0ZXJtaW5hdGVkLCBvcg0KICAgbG9zdCwgW1JGQzUwNDRdDQoNCiAgIDB4Mi8weDAv MHgwMiwgTVBBIEVycm9yIC8gTVBBIENSQyBFcnJvciwgW1JGQzUwNDRdDQoNCiAgIDB4Mi8weDAv MHgwMywgTVBBIEVycm9yIC8gTVBBIE1hcmtlciBhbmQgVUxQRFUgTGVuZ3RoIGZpZWxkDQogICBt aXNtYXRjaCwgW1JGQzUwNDRdDQoNCiAgIDB4Mi8weDAvMHgwNCwgTVBBIEVycm9yIC8gSW52YWxp ZCBNUEEgUmVxdWVzdCBGcmFtZSBvciBNUEENCiAgIFJlc3BvbnNlIEZyYW1lLCBbUkZDNTA0NF0N Cg0KICAgQWxsIGNvbWJpbmF0aW9ucyBub3QgbGlzdGVkIGFib3ZlIHRoYXQgY29tYmluZSAweDIg YXMgdGhlIExheWVyIHdpdGgNCiAgIGFuIEVycm9yIFR5cGUgYW5kIEVycm9yIENvZGUgYXJlIFVu YXNzaWduZWQgYW5kIGF2YWlsYWJsZSB0byBJQU5BDQogICBmb3IgYXNzaWdubWVudC4NCg0KICAg QWxsb2NhdGlvbiBQb2xpY3k6IFN0YW5kYXJkcyBBY3Rpb24gKFtSRkM1MjI2XSkNCg0KDQoNCg0K DQoNCg0KDQoNCktvIGFuZCBCbGFjayAgICAgICAgICAgICAgRXhwaXJlcyBBcHJpbCAyMDEyICAg ICAgICAgICAgICAgICAgW1BhZ2UgN10NCgwNCkludGVybmV0LURyYWZ0ICAgICAgIElBTkEgQ29u c2lkZXJhdGlvbnMgZm9yIFJERFAgICAgICAgIE9jdG9iZXIgMjAxMQ0KDQozLjQgIFJETUFQIE1l c3NhZ2UgT3BlcmF0aW9uIENvZGVzDQoNCiAgIE5hbWUgb2YgdGhlIHJlZ2lzdHJ5OiAiUkRNQVAg TWVzc2FnZSBPcGVyYXRpb24gQ29kZXMiDQoNCiAgIE5hbWVzcGFjZSBkZXRhaWxzOiBSRE1BUCBP cGVyYXRpb24gQ29kZXMgYXJlIDQtYml0IHZhbHVlcyBbUkZDNTA0MF0uDQoNCiAgIEluZm9ybWF0 aW9uIHRoYXQgbXVzdCBiZSBwcm92aWRlZCB0byBhc3NpZ24gYSBuZXcgdmFsdWU6IEFuIElFU0ct DQogICBhcHByb3ZlZCBzdGFuZGFyZHMtdHJhY2sgc3BlY2lmaWNhdGlvbiBkZWZpbmluZyB0aGUg c2VtYW50aWNzIGFuZA0KICAgaW50ZXJvcGVyYWJpbGl0eSByZXF1aXJlbWVudHMgb2YgdGhlIHBy b3Bvc2VkIG5ldyB2YWx1ZSBhbmQgdGhlDQogICBmaWVsZHMgdG8gYmUgcmVjb3JkZWQgaW4gdGhl IHJlZ2lzdHJ5Lg0KDQogICBBc3NpZ25tZW50IHBvbGljeTogSWYgdGhlIHJlcXVlc3RlZCB2YWx1 ZSBpcyBub3QgYWxyZWFkeSBhc3NpZ25lZCwNCiAgIGl0IG1heSBiZSBhc3NpZ25lZCB0byB0aGUg cmVxdWVzdGVyLg0KDQogICBGaWVsZHMgdG8gcmVjb3JkIGluIHRoZSByZWdpc3RyeTogUkRNQVAg TWVzc2FnZSBPcGVyYXRpb24gQ29kZSwNCiAgIE1lc3NhZ2UgVHlwZSwgUkZDIFJlZmVyZW5jZQ0K DQogICBJbml0aWFsIHJlZ2lzdHJ5IGNvbnRlbnRzOg0KDQogICAweDAsIFJETUEgV3JpdGUsIFtS RkM1MDQwXQ0KDQogICAweDEsIFJETUEgUmVhZCBSZXF1ZXN0LCBbUkZDNTA0MF0NCg0KICAgMHgy LCBSRE1BIFJlYWQgUmVzcG9uc2UsIFtSRkM1MDQwXQ0KDQogICAweDMsIFNlbmQsIFtSRkM1MDQw XQ0KDQogICAweDQsIFNlbmQgd2l0aCBJbnZhbGlkYXRlLCBbUkZDNTA0MF0NCg0KICAgMHg1LCBT ZW5kIHdpdGggU29saWNpdGVkIEV2ZW50LCBbUkZDNTA0MF0NCg0KICAgMHg2LCBTZW5kIHdpdGgg U29saWNpdGVkIEV2ZW50IGFuZCBJbnZhbGlkYXRlLCBbUkZDNTA0MF0NCg0KICAgMHg3LCBUZXJt aW5hdGUsIFtSRkM1MDQwXQ0KDQogICBBbGwgb3RoZXIgdmFsdWVzIGFyZSBVbmFzc2lnbmVkIGFu ZCBhdmFpbGFibGUgdG8gSUFOQSBmb3IgYXNzaWdubWVudC4NCg0KICAgQWxsb2NhdGlvbiBQb2xp Y3k6IFN0YW5kYXJkcyBBY3Rpb24gKFtSRkM1MjI2XSkNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQpL byBhbmQgQmxhY2sgICAgICAgICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAgICAgICAg ICAgIFtQYWdlIDhdDQoMDQpJbnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVyYXRpb25z IGZvciBSRERQICAgICAgICBPY3RvYmVyIDIwMTENCg0KMy41ICBTQ1RQIEZ1bmN0aW9uIENvZGVz IGZvciBERFAgU3RyZWFtIFNlc3Npb24gQ29udHJvbA0KDQogICBOYW1lIG9mIHRoZSByZWdpc3Ry eTogIlNDVFAgRnVuY3Rpb24gQ29kZXMgZm9yIEREUCBTZXNzaW9uIENvbnRyb2wiDQoNCiAgIE5h bWVzcGFjZSBkZXRhaWxzOiBTQ1RQIChTdHJlYW0gQ29udHJvbCBUcmFuc21pc3Npb24gUHJvdG9j b2wpDQogICBmdW5jdGlvbiBjb2RlcyBmb3IgRERQIHNlc3Npb24gY29udHJvbCBhcmUgMTYtYml0 IHZhbHVlcyBbUkZDNTA0M10uDQoNCiAgIEluZm9ybWF0aW9uIHRoYXQgbXVzdCBiZSBwcm92aWRl ZCB0byBhc3NpZ24gYSBuZXcgdmFsdWU6IEFuIElFU0ctDQogICBhcHByb3ZlZCBzdGFuZGFyZHMt dHJhY2sgc3BlY2lmaWNhdGlvbiBkZWZpbmluZyB0aGUgc2VtYW50aWNzIGFuZA0KICAgaW50ZXJv cGVyYWJpbGl0eSByZXF1aXJlbWVudHMgb2YgdGhlIHByb3Bvc2VkIG5ldyB2YWx1ZSBhbmQgdGhl DQogICBmaWVsZHMgdG8gYmUgcmVjb3JkZWQgaW4gdGhlIHJlZ2lzdHJ5Lg0KDQogICBBc3NpZ25t ZW50IHBvbGljeTogSWYgdGhlIHJlcXVlc3RlZCB2YWx1ZSBpcyBub3QgYWxyZWFkeSBhc3NpZ25l ZCwNCiAgIGl0IG1heSBiZSBhc3NpZ25lZCB0byB0aGUgcmVxdWVzdGVyLg0KDQogICBGaWVsZHMg dG8gcmVjb3JkIGluIHRoZSByZWdpc3RyeTogU0NUUCBGdW5jdGlvbiBDb2RlLCBTQ1RQDQogICBG dW5jdGlvbiBOYW1lLCBSRkMgUmVmZXJlbmNlDQoNCiAgIEluaXRpYWwgcmVnaXN0cnkgY29udGVu dHM6DQoNCiAgIDB4MDAwMSwgRERQIFN0cmVhbSBTZXNzaW9uIEluaXRpYXRlLCBbUkZDNTA0M10N Cg0KICAgMHgwMDAyLCBERFAgU3RyZWFtIFNlc3Npb24gQWNjZXB0LCBbUkZDNTA0M10NCg0KICAg MHgwMDAzLCBERFAgU3RyZWFtIFNlc3Npb24gUmVqZWN0LCBbUkZDNTA0M10NCg0KICAgMHgwMDA0 LCBERFAgU3RyZWFtIFNlc3Npb24gVGVybWluYXRlLCBbUkZDNTA0M10NCg0KICAgQWxsIG90aGVy IHZhbHVlcyBhcmUgVW5hc3NpZ25lZCBhbmQgYXZhaWxhYmxlIHRvIElBTkEgZm9yIGFzc2lnbm1l bnQuDQoNCiAgIEFsbG9jYXRpb24gUG9saWN5OiBTdGFuZGFyZHMgQWN0aW9uIChbUkZDNTIyNl0p DQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQpLbyBhbmQgQmxhY2sgICAgICAg ICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAgICAgICAgICAgIFtQYWdlIDldDQoMDQpJ bnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVyYXRpb25zIGZvciBSRERQICAgICAgICBP Y3RvYmVyIDIwMTENCg0KNC4gTm9ybWF0aXZlIFJlZmVyZW5jZXMNCg0KICAgW1JGQzIxMTldIFMu IEJyYWRuZXIsICJLZXkgV29yZHMgZm9yIHVzZSBpbiBSRkNzIHRvIEluZGljYXRlDQogICAgICAg UmVxdWlyZW1lbnQgTGV2ZWxzIiwgQkNQIDE0LCBSRkMgMjExOSwgTWFyY2ggMTk5Ny4NCg0KICAg W1JGQzUwNDBdIFIuIFJlY2lvIGV0IGFsLiwgIkFuIFJETUEgUHJvdG9jb2wgU3BlY2lmaWNhdGlv biIsDQogICAgICAgUkZDIDUwNDAsIE9jdG9iZXIgMjAwNy4NCg0KICAgW1JGQzUwNDFdIEguIFNo YWggZXQgYWwuLCAiRGlyZWN0IERhdGEgUGxhY2VtZW50IG92ZXIgUmVsaWFibGUNCiAgICAgICBU cmFuc3BvcnRzIiwgUkZDIDUwNDEsIE9jdG9iZXIgMjAwNy4NCg0KICAgW1JGQzUwNDNdIEMuIEJl c3RsZXIgZXQgYWwuLCAiU3RyZWFtIENvbnRyb2wgVHJhbnNtaXNzaW9uIFByb3RvY29sDQogICAg ICAgKFNDVFApIERpcmVjdCBEYXRhIFBsYWNlbWVudCAoRERQKSBBZGFwdGF0aW9uIiwgUkZDIDUw NDMsDQogICAgICAgT2N0b2JlciAyMDA3Lg0KDQogICBbUkZDNTA0NF0gUC4gQ3VsbGV5IGV0IGFs LiwgIk1hcmtlciBQRFUgQWxpZ25lZCBGcmFtaW5nIGZvciBUQ1ANCiAgICAgICBTcGVjaWZpY2F0 aW9uIiwgUkZDIDUwNDQsIE9jdG9iZXIgMjAwNy4NCg0KICAgW1JGQzUyMjZdIFQuIE5hcnRlbiBh bmQgSC4gQWx2ZXN0cmFuZCwgIkd1aWRlbGluZXMgZm9yIFdyaXRpbmcNCiAgICAgICBhbiBJQU5B IENvbnNpZGVyYXRpb25zIFNlY3Rpb24gaW4gUkZDcyIsIFJGQyA1MjI2LCBCQ1AgMjYsDQogICAg ICAgTWF5IDIwMDguDQoNCjUuIEluZm9ybWF0aXZlIFJlZmVyZW5jZXMNCg0KICAgW01QQS1QRUVS XSBBLiBLYW5ldnNreSwgZXQgYWwuLCAiRW5oYW5jZWQgUkRNQSBDb25uZWN0aW9uDQogICAgICAg RXN0YWJsaXNobWVudCIsIGRyYWZ0LWlldGYtc3Rvcm0tbXBhLXBlZXItY29ubmVjdC0wNywgd29y aw0KICAgICAgIGluIHByb2dyZXNzLCBTZXB0ZW1iZXIgMjAxMS4NCg0KICAgW1JETUFQLUVYVF0g SC4gU2hhaCwgZXQgYWwuLCAiUkRNQSBQcm90b2NvbCBFeHRlbnNpb25zIiwNCiAgICAgICBkcmFm dC1pZXRmLXN0b3JtLXJkbWFwLWV4dC0wMSwgd29yayBpbiBwcm9ncmVzcywgSnVseSAyMDExLg0K DQoNCjYuIEFja25vd2xlZGdtZW50cw0KDQogICBUQkQNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoN Cg0KDQpLbyBhbmQgQmxhY2sgICAgICAgICAgICAgIEV4cGlyZXMgQXByaWwgMjAxMiAgICAgICAg ICAgICAgICAgW1BhZ2UgMTBdDQoMDQpJbnRlcm5ldC1EcmFmdCAgICAgICBJQU5BIENvbnNpZGVy YXRpb25zIGZvciBSRERQICAgICAgICBPY3RvYmVyIDIwMTENCg0KQXV0aG9yJ3MgQWRkcmVzcw0K DQogICBNaWNoYWVsIEtvDQogICBIdWF3ZWkgU3ltYW50ZWMNCiAgIDIwMjQ1IFN0ZXZlbnMgQ3Jl ZWsgQmx2ZC4NCiAgIEN1cGVydGlubywgQ0EgOTUwMTQsIFVTQQ0KICAgUGhvbmU6ICsxLTQwOC01 MTAtNzQ2NQ0KICAgRW1haWw6IG1pY2hhZWxAaHVhd2Vpc3ltYW50ZWMuY29tDQoNCiAgIERhdmlk IEwuIEJsYWNrDQogICBFTUMgQ29ycG9yYXRpb24NCiAgIDE3NiBTb3V0aCBTdC4NCiAgIEhvcGtp bnRvbiwgTUEgIDAxNzQ4LCBVU0ENCiAgIFBob25lOiArMS01MDgtMjkzLTc5NTMNCiAgIEVtYWls OiBkYXZpZC5ibGFja0BlbWMuY29tDQoNCg0KQ29weXJpZ2h0IE5vdGljZQ0KDQogICBDb3B5cmln aHQgKGMpIDIwMTEgSUVURiBUcnVzdCBhbmQgdGhlIHBlcnNvbnMgaWRlbnRpZmllZCBhcyB0aGUN CiAgIGRvY3VtZW50IGF1dGhvcnMuIEFsbCByaWdodHMgcmVzZXJ2ZWQuDQoNCiAgIFRoaXMgZG9j dW1lbnQgaXMgc3ViamVjdCB0byBCQ1AgNzggYW5kIHRoZSBJRVRGIFRydXN0J3MgTGVnYWwNCiAg IFByb3Zpc2lvbnMgUmVsYXRpbmcgdG8gSUVURiBEb2N1bWVudHMgKGh0dHA6Ly90cnVzdGVlLmll dGYub3JnLw0KICAgbGljZW5zZS1pbmZvKSBpbiBlZmZlY3Qgb24gdGhlIGRhdGUgb2YgcHVibGlj YXRpb24gb2YgdGhpcyBkb2N1bWVudC4NCiAgIFBsZWFzZSByZXZpZXcgdGhlc2UgZG9jdW1lbnRz IGNhcmVmdWxseSwgYXMgdGhleSBkZXNjcmliZSB5b3VyDQogICByaWdodHMgYW5kIHJlc3RyaWN0 aW9ucyB3aXRoIHJlc3BlY3QgdG8gdGhpcyBkb2N1bWVudC4gIENvZGUNCiAgIENvbXBvbmVudHMg ZXh0cmFjdGVkIGZyb20gdGhpcyBkb2N1bWVudCBtdXN0IGluY2x1ZGUgU2ltcGxpZmllZA0KICAg QlNEIExpY2Vuc2UgdGV4dCBhcyBkZXNjcmliZWQgaW4gU2VjdGlvbiA0LmUgb2YgdGhlIFRydXN0 IExlZ2FsDQogICBQcm92aXNpb25zIGFuZCBhcmUgcHJvdmlkZWQgd2l0aG91dCB3YXJyYW50eSBh cyBkZXNjcmliZWQgaW4gdGhlDQogICBTaW1wbGlmaWVkIEJTRCBMaWNlbnNlLg0KDQoNCg0KDQoN Cg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KS28gYW5kIEJsYWNrICAgICAgICAgICAgICBFeHBp cmVzIEFwcmlsIDIwMTIgICAgICAgICAgICAgICAgIFtQYWdlIDExXSAMDA0K --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073893MX14Acorpemcc_-- From david.black@emc.com Wed Oct 19 15:04:43 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECEE611E80AC for ; Wed, 19 Oct 2011 15:04:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -105.779 X-Spam-Level: X-Spam-Status: No, score=-105.779 tagged_above=-999 required=5 tests=[AWL=0.820, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MwaCfBnIL5S3 for ; Wed, 19 Oct 2011 15:04:42 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 8C97D11E808A for ; Wed, 19 Oct 2011 15:04:42 -0700 (PDT) Received: from hop04-l1d11-si02.isus.emc.com (HOP04-L1D11-SI02.isus.emc.com [10.254.111.55]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9JM4c8j020949 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Oct 2011 18:04:38 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.130]) by hop04-l1d11-si02.isus.emc.com (RSA Interceptor); Wed, 19 Oct 2011 18:04:23 -0400 Received: from mxhub14.corp.emc.com (mxhub14.corp.emc.com [128.221.56.103]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9JM4NK1030608; Wed, 19 Oct 2011 18:04:23 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub14.corp.emc.com ([128.221.56.103]) with mapi; Wed, 19 Oct 2011 18:04:23 -0400 From: To: , Date: Wed, 19 Oct 2011 18:04:20 -0400 Thread-Topic: New IPsec security text for iSCSI Thread-Index: AcyHe94FZEUv7+U5SFqYK2vwz++PxAHLDkpA Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/mixed; boundary="_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1MX14Acorpemcc_" MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Oct 2011 22:04:44 -0000 --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1MX14Acorpemcc_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable The attached text file contains the new security text for the iSCSI consoli= dated draft, with differences marked against the -03 version of that draft. The = primary changes are to rewrite the IPsec requirements as previously announced: - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). In addition, I have made the following three IPsec requirements changes tha= t seemed appropriate - an important purpose of this message is to solicit comments o= n them (including any objections): 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES GCM is (IMHO) a better choice than the combination of AES CBC MAC with XCBC and AES CTR, but I did not remove the SHOULD recommendations for the latter two (FWIW, both of these SHOULD be implemented for IKEv2, see RFC 4307). 2) For implementations expected to operate at 1Gbps or greater: If ESPv3 (part of IPsec v3) is implemented, extended (64-bit) sequence numbers MUST be implemented and SHOULD be used (RFC 3720 indicated that this requirement was coming, so here it is ...). 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be used). The reason for this change should be obvious ;-). I also added a paragraph to indicate that determination of which versions o= f IPsec are supported by a target is out of scope, but if both initiator and target= support both IPsec v2 and v3, then use of v3 is recommended [lower case, this is de= liberate]. Note that RFC 3723 needs to be added to the list of RFCs that are updated b= y the iSCSI consolidated draft. There will be a number of references that will n= eed to be added - I didn't put those into the attached text file. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1MX14Acorpemcc_ Content-Type: text/plain; name="iSCSI Cons new security.txt" Content-Description: iSCSI Cons new security.txt Content-Disposition: attachment; filename="iSCSI Cons new security.txt"; size=11354; creation-date="Wed, 19 Oct 2011 16:28:53 GMT"; modification-date="Wed, 19 Oct 2011 17:43:25 GMT" Content-Transfer-Encoding: base64 LT4gQWRkIDM3MjMgdG8gdGhlIGxpc3Qgb2YgUkZDcyB1cGRhdGVkIGJ5IHRoZSBjb25zb2xpZGF0 ZWQgaVNDU0kgZHJhZnQuDQoNCjkuMy4gSVBzZWMNCg0KICAgaVNDU0kgdXNlcyB0aGUgSVBzZWMg bWVjaGFuaXNtIGZvciBwYWNrZXQgcHJvdGVjdGlvbg0KICAgKGNyeXB0b2dyYXBoaWMgaW50ZWdy aXR5LCBhdXRoZW50aWNhdGlvbiwgYW5kIGNvbmZpZGVudGlhbGl0eSkgYXQNCiAgIHRoZSBJUCBs ZXZlbCBiZXR3ZWVuIHRoZSBpU0NTSSBjb21tdW5pY2F0aW5nIGVuZCBwb2ludHMuIFRoZQ0KICAg Zm9sbG93aW5nIHNlY3Rpb25zIGRlc2NyaWJlIHRoZSBJUHNlYyBwcm90b2NvbHMgdGhhdCBtdXN0 IGJlDQogICBpbXBsZW1lbnRlZCBmb3IgZGF0YSBpbnRlZ3JpdHkgYW5kIGF1dGhlbnRpY2F0aW9u LA0KICAgY29uZmlkZW50aWFsaXR5LCBhbmQgY3J5cHRvZ3JhcGhpYyBrZXkgbWFuYWdlbWVudC4N Cg0KICAgQW4gaVNDU0kgaW5pdGlhdG9yIG9yIHRhcmdldCBtYXkgcHJvdmlkZSB0aGUgcmVxdWly ZWQgSVBzZWMNCiAgIHN1cHBvcnQgZnVsbHkgaW50ZWdyYXRlZCBvciBpbiBjb25qdW5jdGlvbiB3 aXRoIGFuIElQc2VjIGZyb250LWVuZA0KICAgZGV2aWNlLiBJbiB0aGUgbGF0dGVyIGNhc2UsIHRo ZSBjb21wbGlhbmNlIHJlcXVpcmVtZW50cyB3aXRoDQogICByZWdhcmQgdG8gSVBzZWMgc3VwcG9y dCBhcHBseSB0byB0aGUgImNvbWJpbmVkIGRldmljZSIuIE9ubHkgdGhlDQogICAiY29tYmluZWQg ZGV2aWNlIiBpcyB0byBiZSBjb25zaWRlcmVkIGFuIGlTQ1NJIGRldmljZS4NCg0KICAgRGV0YWls ZWQgY29uc2lkZXJhdGlvbnMgYW5kIHJlY29tbWVuZGF0aW9ucyBmb3IgdXNpbmcgSVBzZWMgZm9y DQogICBpU0NTSSBhcmUgcHJvdmlkZWQgaW4gW1JGQzM3MjNdLg0KDQpORVcNCiAgIFRoaXMgZG9j dW1lbnQgdXBkYXRlcyBSRkMgMzcyMyB0byBhZGQgcmVxdWlyZW1lbnRzIGZvciBJUHNlYyB2Mw0K ICAgYXMgc3BlY2lmaWVkIGluIFtSRkM0MzAxXSBhbmQgcmVsYXRlZCBSRkNzLiAgVGhlIHJlcXVp cmVtZW50cyB0aGF0DQogICBJUHNlYyB2MiBhcyBzcGVjaWZpZWQgaW4gW1JGQzI0MDFdIGFuZCBy ZWxhdGVkIFJGQ3MgTVVTVCBiZSBpbXBsZW1lbnRlZA0KICAgYXJlIHVuY2hhbmdlZCBmcm9tIFtS RkMzNzIzXTsgdGhpcyBkb2N1bWVudCBhZGRzIHJlcXVpcmVtZW50cyB0aGF0DQogICBJUHNlYyB2 MyBhcyBzcGVjaWZpZWQgaW4gW1JGQzQzMDFdIGFuZCByZWxhdGVkIFJGQ3MgKGUuZy4sIElLRXYy DQogICBbUkZDNTk5Nl0pIFNIT1VMRCBiZSBpbXBsZW1lbnRlZC4gIFRoZSBtYW5kYXRvcnkgcmVx dWlyZW1lbnQgZm9yIElQc2VjDQogICB2MiBwcmVzZXJ2ZXMgaW50ZXJvcGVyYWJpbGl0eSB3aXRo IGV4aXN0aW5nIGltcGxlbWVudGF0aW9ucywgYW5kIHRoZQ0KICAgc3Ryb25nIHJlY29tbWVuZGF0 aW9uIGZvciBJUHNlYyB2MyBlbmNvdXJhZ2VzIGltcGxlbWVudGVycyB0byBtb3ZlDQogICBmb3J3 YXJkIHRvIHRoYXQgbmV3ZXIgdmVyc2lvbiBvZiBJUHNlYy4NCkVORA0KDQo5LjMuMS4gRGF0YSBJ bnRlZ3JpdHkgYW5kIEF1dGhlbnRpY2F0aW9uDQoNCiAgIERhdGEgYXV0aGVudGljYXRpb24gYW5k IGludGVncml0eSBpcyBwcm92aWRlZCBieSBhIGNyeXB0b2dyYXBoaWMNCiAgIGtleWVkIE1lc3Nh Z2UgQXV0aGVudGljYXRpb24gQ29kZSBpbiBldmVyeSBzZW50IHBhY2tldC4gVGhpcyBjb2RlDQog ICBwcm90ZWN0cyBhZ2FpbnN0IG1lc3NhZ2UgaW5zZXJ0aW9uLCBkZWxldGlvbiwgYW5kIG1vZGlm aWNhdGlvbi4NCiAgIFByb3RlY3Rpb24gYWdhaW5zdCBtZXNzYWdlIHJlcGxheSBpcyByZWFsaXpl ZCBieSB1c2luZyBhIHNlcXVlbmNlDQogICBjb3VudGVyLg0KDQpPTEQNCiAgIEFuIGlTQ1NJIGNv bXBsaWFudCBpbml0aWF0b3Igb3IgdGFyZ2V0IE1VU1QgcHJvdmlkZSBkYXRhIGludGVncml0eQ0K ICAgYW5kIGF1dGhlbnRpY2F0aW9uIGJ5IGltcGxlbWVudGluZyBJUHNlYyBbUkZDNDMwMV0gd2l0 aCBFU1ANCiAgIFtSRkM0MzAzXSBpbiB0dW5uZWwgbW9kZSBhbmQgTUFZIHByb3ZpZGUgZGF0YSBp bnRlZ3JpdHkgYW5kDQogICBhdXRoZW50aWNhdGlvbiBieSBpbXBsZW1lbnRpbmcgSVBzZWMgd2l0 aCBFU1AgaW4gdHJhbnNwb3J0IG1vZGUuDQpORVcNCiAgIEFuIGlTQ1NJIGNvbXBsaWFudCBpbml0 aWF0b3Igb3IgdGFyZ2V0IE1VU1QgcHJvdmlkZSBkYXRhIGludGVncml0eQ0KICAgYW5kIGF1dGhl bnRpY2F0aW9uIGJ5IGltcGxlbWVudGluZyBJUHNlYyB2MiBbUkZDMjQwMV0gd2l0aCBFU1B2Mg0K ICAgW1JGQzI0MDZdIGluIHR1bm5lbCBtb2RlLCBTSE9VTEQgcHJvdmlkZSBkYXRhIGludGVncml0 eSBhbmQNCiAgIGF1dGhlbnRpY2F0aW9uIGJ5IGltcGxlbWVudGluZyBJUHNlYyB2MyBbUkZDNDMw MV0gd2l0aCBFU1B2Mw0KICAgW1JGQzQzMDNdIGluIHR1bm5lbCBtb2RlLCBhbmQgTUFZIHByb3Zp ZGUgZGF0YSBpbnRlZ3JpdHkgYW5kDQogICBhdXRoZW50aWNhdGlvbiBieSBpbXBsZW1lbnRpbmcg ZWl0aGVyIElQc2VjIHYyIG9yIHYzIHdpdGggdGhlDQogICBhcHByb3ByaWF0ZSB2ZXJzaW9uIG9m IEVTUCBpbiB0cmFuc3BvcnQgbW9kZS4NCkVORA0KICAgVGhlIElQc2VjIGltcGxlbWVudGF0aW9u IE1VU1QgZnVsZmlsbCB0aGUgZm9sbG93aW5nIGlTQ1NJIHNwZWNpZmljDQogICByZXF1aXJlbWVu dHM6DQoNCiAgICAgLSBITUFDLVNIQTEgTVVTVCBiZSBpbXBsZW1lbnRlZCBbUkZDMjQwNF0uDQoN CiAgICAgLSBBRVMgQ0JDIE1BQyB3aXRoIFhDQkMgZXh0ZW5zaW9ucyBTSE9VTEQgYmUgaW1wbGVt ZW50ZWQNCiAgICAgICBbUkZDMzU2Nl0uDQpORVcNCiAgICAgLSBJbXBsZW1lbnRhdGlvbnMgdGhh dCBzdXBwb3J0IElLRXYyIFtSRkM1OTk2XSBTSE9VTEQgYWxzbw0KICAgICAgIGltcGxlbWVudCBB RVMgR0NNIFtSRkM0MTA2XS4NCkVORA0KDQogICBUaGUgRVNQIGFudGktcmVwbGF5IHNlcnZpY2Ug TVVTVCBhbHNvIGJlIGltcGxlbWVudGVkLg0KDQpPTEQNCiAgQXQgdGhlIGhpZ2ggc3BlZWRzIGlT Q1NJIGlzIGV4cGVjdGVkIHRvIG9wZXJhdGUsIGEgc2luZ2xlIElQc2VjIFNBDQogIGNvdWxkIHJh cGlkbHkgY3ljbGUgdGhyb3VnaCB0aGUgMzItYml0IElQc2VjIHNlcXVlbmNlIG51bWJlcg0KICBz cGFjZS4NCiAgSW4gdmlldyBvZiB0aGlzLCBhbiBpU0NTSSBpbXBsZW1lbnRhdGlvbiB0aGF0IG9w ZXJhdGVzIGF0IHNwZWVkcw0KICBvZiAxIEdicHMgb3IgZ3JlYXRlciBNVVNUIGltcGxlbWVudCB0 aGUgSVBzZWMgc2VxdWVuY2UgbnVtYmVyDQogIGV4dGVuc2lvbiBmb3IgYWxsIHN1cHBvcnRlZCB2 ZXJzaW9ucyBvZiBJUHNlYyAoW1JGQzQzMDNdIGFuZCBTSE9VTEQNCiAgdXNlIGl0IG9uIGlTQ1NJ IGNvbm5lY3Rpb25zLg0KTkVXDQogIEF0IHRoZSBoaWdoIHNwZWVkcyBpU0NTSSBpcyBleHBlY3Rl ZCB0byBvcGVyYXRlLCBhIHNpbmdsZSBJUHNlYyBTQQ0KICBjb3VsZCByYXBpZGx5IGN5Y2xlIHRo cm91Z2ggdGhlIEVTUCAzMi1iaXQgc2VxdWVuY2UgbnVtYmVyIHNwYWNlLg0KICBJbiB2aWV3IG9m IHRoaXMsIGFuIGlTQ1NJIGltcGxlbWVudGF0aW9uIHRoYXQgaXMgY2FwYWJsZSBvZiBvcGVyYXRp bmcNCiAgYXQgc3BlZWRzIG9mIDEgR2JwcyBhbmQgdGhhdCBpbXBsZW1lbnRzIGJvdGggSUtFdjIg W1JGQzU5OTZdIGFuZCBFU1B2Mw0KICBbUkZDNDMwM10gTVVTVCBhbHNvIGltcGxlbWVudCBleHRl bmRlZCAoNjQtYml0KSBzZXF1ZW5jZSBudW1iZXJzIGZvcg0KICBFU1B2MyBhbmQgU0hPVUxEIHVz ZSBFU1B2MyBleHRlbmRlZCBzZXF1ZW5jZSBudW1iZXJzIGZvciBhbGwgc2VjdXJpdHkNCiAgYXNz b2NpYXRpb25zIHRoYXQgdXNlIEVTUHYzIHRvIHByb3RlY3QgaVNDU0kgY29ubmVjdGlvbnMuDQpF TkQNCg0KOS4zLjIuIENvbmZpZGVudGlhbGl0eQ0KDQogIENvbmZpZGVudGlhbGl0eSBpcyBwcm92 aWRlZCBieSBlbmNyeXB0aW5nIHRoZSBkYXRhIGluIGV2ZXJ5DQogIHBhY2tldC4gV2hlbiBjb25m aWRlbnRpYWxpdHkgaXMgdXNlZCBpdCBNVVNUIGJlIGFjY29tcGFuaWVkIGJ5DQogIGRhdGEgaW50 ZWdyaXR5IGFuZCBhdXRoZW50aWNhdGlvbiB0byBwcm92aWRlIGNvbXByZWhlbnNpdmUNCiAgcHJv dGVjdGlvbiBhZ2FpbnN0IGVhdmVzZHJvcHBpbmcsIG1lc3NhZ2UgaW5zZXJ0aW9uLCBkZWxldGlv biwNCiAgbW9kaWZpY2F0aW9uLCBhbmQgcmVwbGF5aW5nLg0KDQpPTEQNCiAgQW4gaVNDU0kgY29t cGxpYW50IGluaXRpYXRvciBvciB0YXJnZXQgTVVTVCBwcm92aWRlDQogIGNvbmZpZGVudGlhbGl0 eSBieSBpbXBsZW1lbnRpbmcgSVBzZWMgW1JGQzQzMDFdIHdpdGggRVNQIFtSRkM0MzAzXQ0KICBp biB0dW5uZWwgbW9kZSBhbmQgTUFZIHByb3ZpZGUgY29uZmlkZW50aWFsaXR5IGJ5IGltcGxlbWVu dGluZw0KICBJUHNlYyB3aXRoIEVTUCBpbiB0cmFuc3BvcnQgbW9kZSwgd2l0aCB0aGUgZm9sbG93 aW5nIGlTQ1NJDQogIHNwZWNpZmljIHJlcXVpcmVtZW50czoNCk5FVw0KICBBbiBpU0NTSSBjb21w bGlhbnQgaW5pdGlhdG9yIG9yIHRhcmdldCBNVVNUIHByb3ZpZGUNCiAgY29uZmlkZW50aWFsaXR5 IGJ5IGltcGxlbWVudGluZyBJUHNlYyB2MiBbUkZDMjQwMV0gd2l0aCBFU1B2Mg0KICBbUkZDMjQw Nl0gaW4gdHVubmVsIG1vZGUsIFNIT1VMRCBwcm92aWRlIGNvbmZpZGVudGlhbGl0eSBieQ0KICBp bXBsZW1lbnRpbmcgSVBzZWMgdjMgW1JGQzQzMDFdIHdpdGggRVNQdjMgW1JGQzQzMDNdIA0KICBp biB0dW5uZWwgbW9kZSBhbmQgTUFZIHByb3ZpZGUgY29uZmlkZW50aWFsaXR5IGJ5IGltcGxlbWVu dGluZw0KICBlaXRoZXIgSVBzZWMgdjIgb3IgdjMgd2l0aCB0aGUgYXBwcm9wcmlhdGUgdmVyc2lv biBvZiBFU1AgaW4NCiAgdHJhbnNwb3J0IG1vZGUsIHdpdGggdGhlIGZvbGxvd2luZyBpU0NTSSBz cGVjaWZpYyByZXF1aXJlbWVudHMNCiAgdGhhdCBhcHBseSB0byBJUHNlYyB2MiBhbmQgSVBzZWMg djM6DQpFTkQNCg0KICAgICAtIDNERVMgaW4gQ0JDIG1vZGUgTVVTVCBiZSBpbXBsZW1lbnRlZCBb UkZDMjQ1MV0uDQoNCiAgICAgLSBBRVMgaW4gQ291bnRlciBtb2RlIFNIT1VMRCBiZSBpbXBsZW1l bnRlZCBbUkZDMzY4Nl0uDQoNCk5FVw0KICAgICAtIEltcGxlbWVudGF0aW9ucyB0aGF0IHN1cHBv cnQgSUtFdjIgW1JGQzU5OTZdIFNIT1VMRCBhbHNvDQogICAgICAgaW1wbGVtZW50IEFFUyBHQ00g W1JGQzQxMDZdLg0KRU5EDQoNCk9MRA0KICBERVMgaW4gQ0JDIG1vZGUgU0hPVUxEIE5PVCBiZSB1 c2VkIGR1ZSB0byBpdHMgaW5oZXJlbnQgd2Vha25lc3MuDQpORVcNCiAgREVTIGluIENCQyBtb2Rl IE1VU1QgTk9UIGJlIHVzZWQgZHVlIHRvIGl0cyBpbmhlcmVudCB3ZWFrbmVzcy4NCkVORA0KDQog IFRoZSBOVUxMIGVuY3J5cHRpb24gYWxnb3JpdGhtIE1VU1QgYWxzbyBiZSBpbXBsZW1lbnRlZC4N Cg0KOS4zLjMuIFBvbGljeSwgU2VjdXJpdHkgQXNzb2NpYXRpb25zLCBhbmQgQ3J5cHRvZ3JhcGhp YyBLZXkNCiAgICAgICAgTWFuYWdlbWVudA0KDQogIEEgY29tcGxpYW50IGlTQ1NJIGltcGxlbWVu dGF0aW9uIE1VU1QgbWVldCB0aGUgY3J5cHRvZ3JhcGhpYyBrZXkNCiAgbWFuYWdlbWVudCByZXF1 aXJlbWVudHMgb2YgdGhlIElQc2VjIHByb3RvY29sIHN1aXRlLg0KT0xEDQogIEF1dGhlbnRpY2F0 aW9uLCBzZWN1cml0eSBhc3NvY2lhdGlvbiBuZWdvdGlhdGlvbiwgYW5kDQogIGNyeXB0b2dyYXBo aWMga2V5IG1hbmFnZW1lbnQgTVVTVCBiZSBwcm92aWRlZCBieSBpbXBsZW1lbnRpbmcgSUtFDQog IFtSRkM1OTk2XSB1c2luZyB0aGUgSVBzZWMgRE9JIFtSRkM1OTk2XSB3aXRoIHRoZSBmb2xsb3dp bmcgaVNDU0kNCiAgc3BlY2lmaWMgcmVxdWlyZW1lbnRzOg0KTkVXDQogIEF1dGhlbnRpY2F0aW9u LCBzZWN1cml0eSBhc3NvY2lhdGlvbiBuZWdvdGlhdGlvbiwgYW5kDQogIGNyeXB0b2dyYXBoaWMg a2V5IG1hbmFnZW1lbnQgTVVTVCBiZSBwcm92aWRlZCBieSBpbXBsZW1lbnRpbmcgSUtFdjENCiAg W1JGQzI0MDldIHVzaW5nIHRoZSBJUHNlYyBET0kgW1JGQzI0MDddLCBhbmQgU0hPVUxEIGJlIHBy b3ZpZGVkIGJ5DQogIGltcGxlbWVudGluZyBJS0V2MiBbUkZDNTk5Nl0gd2l0aCB0aGUgZm9sbG93 aW5nIGlTQ1NJIHNwZWNpZmljDQogIHJlcXVpcmVtZW50cyB0aGF0IGFwcGx5IHRvIGJvdGggdmVy c2lvbnMgb2YgSUtFOg0KRU5EDQoNCk9MRA0KICAgICAtIFBlZXIgYXV0aGVudGljYXRpb24gdXNp bmcgYSBwcmUtc2hhcmVkIGNyeXB0b2dyYXBoaWMga2V5DQogICAgICAgTVVTVCBiZSBzdXBwb3J0 ZWQuIENlcnRpZmljYXRlLWJhc2VkIHBlZXIgYXV0aGVudGljYXRpb24NCiAgICAgICB1c2luZyBk aWdpdGFsIHNpZ25hdHVyZXMgTUFZIGJlIHN1cHBvcnRlZC4gUGVlcg0KICAgICAgYXV0aGVudGlj YXRpb24gdXNpbmcgdGhlIHB1YmxpYyBrZXkgZW5jcnlwdGlvbiBtZXRob2RzDQogICAgICBvdXRs aW5lZCBpbiBJS0Ugc2VjdGlvbnMgNS4yIGFuZCA1LjNbN10gU0hPVUxEIE5PVCBiZSB1c2VkLg0K TkVXDQogICAgIC0gUGVlciBhdXRoZW50aWNhdGlvbiB1c2luZyBhIHByZS1zaGFyZWQgY3J5cHRv Z3JhcGhpYyBrZXkNCiAgICAgICBNVVNUIGJlIHN1cHBvcnRlZC4gQ2VydGlmaWNhdGUtYmFzZWQg cGVlciBhdXRoZW50aWNhdGlvbg0KICAgICAgIHVzaW5nIGRpZ2l0YWwgc2lnbmF0dXJlcyBNQVkg YmUgc3VwcG9ydGVkLiBGb3IgSUtFdjEgW1JGQzI0MDldDQogICAgICAgcGVlciBhdXRoZW50aWNh dGlvbiB3aXRoIHB1YmxpYyBrZXkgZW5jcnlwdGlvbiAoc2VlIHNlY3Rpb25zDQogICAgICAgNS4y IGFuZCA1LjMgb2YgW1JGQzI0MDldKSBTSE9VTEQgTk9UIGJlIHVzZWQuDQpFTkQNCg0KICAgICAt IFdoZW4gZGlnaXRhbCBzaWduYXR1cmVzIGFyZSB1c2VkIHRvIGFjaGlldmUgYXV0aGVudGljYXRp b24sDQogICAgICAgYW4gSUtFIG5lZ290aWF0b3IgU0hPVUxEIHVzZSBJS0UgQ2VydGlmaWNhdGUg UmVxdWVzdA0KICAgICAgIFBheWxvYWQocykgdG8gc3BlY2lmeSB0aGUgY2VydGlmaWNhdGUgYXV0 aG9yaXR5LiBJS0UNCiAgICAgICBuZWdvdGlhdG9ycyBTSE9VTEQgY2hlY2sgdGhlIHBlcnRpbmVu dCBDZXJ0aWZpY2F0ZQ0KICAgICAgIFJldm9jYXRpb24gTGlzdCAoQ1JMKSBiZWZvcmUgYWNjZXB0 aW5nIGEgUEtJIGNlcnRpZmljYXRlIGZvcg0KICAgICAgIHVzZSBpbiBJS0UgYXV0aGVudGljYXRp b24gcHJvY2VkdXJlcy4NCg0KT0xEDQogICAgIC0gQ29uZm9ybWFudCBpU0NTSSBpbXBsZW1lbnRh dGlvbnMgTVVTVCBzdXBwb3J0IElLRSBNYWluIE1vZGUNCiAgICAgICBhbmQgU0hPVUxEIHN1cHBv cnQgQWdncmVzc2l2ZSBNb2RlLiBJS0UgbWFpbiBtb2RlIHdpdGggcHJlLQ0KICAgICAgIHNoYXJl ZCBrZXkgYXV0aGVudGljYXRpb24gbWV0aG9kIFNIT1VMRCBOT1QgYmUgdXNlZCB3aGVuDQogICAg ICAgZWl0aGVyIHRoZSBpbml0aWF0b3Igb3IgdGhlIHRhcmdldCB1c2VzIGR5bmFtaWNhbGx5IGFz c2lnbmVkDQogICAgICAgSVAgYWRkcmVzc2VzLiBXaGlsZSBpbiBtYW55IGNhc2VzIHByZS1zaGFy ZWQga2V5cyBvZmZlciBnb29kDQogICAgICAgc2VjdXJpdHksIHNpdHVhdGlvbnMgaW4gd2hpY2gg ZHluYW1pY2FsbHkgYXNzaWduZWQgYWRkcmVzc2VzDQogICAgICAgYXJlIHVzZWQgZm9yY2UgdGhl IHVzZSBvZiBhIGdyb3VwIHByZS1zaGFyZWQga2V5LCB3aGljaA0KICAgICAgIGNyZWF0ZXMgdnVs bmVyYWJpbGl0eSB0byBhIG1hbi1pbi10aGUtbWlkZGxlIGF0dGFjay4NCg0KICAgICAtIEluIHRo ZSBJS0UgUGhhc2UgMiBRdWljayBNb2RlLCBleGNoYW5nZXMgZm9yIGNyZWF0aW5nIHRoZQ0KICAg ICAgIFBoYXNlIDIgU0EsIHRoZSBJZGVudGl0eSBQYXlsb2FkLCBmaWVsZHMgTVVTVCBiZSBwcmVz ZW50Lg0KICAgICAgIElEX0lQVjRfQUREUiwgSURfSVBWNl9BRERSIChpZiB0aGUgcHJvdG9jb2wg c3RhY2sgc3VwcG9ydHMNCiAgICAgICBJUHY2KSBhbmQgSURfRlFETiBJZGVudGl0eSBwYXlsb2Fk cyBNVVNUIGJlIHN1cHBvcnRlZDsNCiAgICAgICBJRF9VU0VSX0ZRRE4gU0hPVUxEIGJlIHN1cHBv cnRlZC4gVGhlIElQIFN1Ym5ldCwgSVAgQWRkcmVzcw0KICAgICAgIFJhbmdlLCBJRF9ERVJfQVNO MV9ETiwgYW5kIElEX0RFUl9BU04xX0dOIGZvcm1hdHMgU0hPVUxEIE5PVA0KICAgICAgIGJlIHVz ZWQuIFRoZSBJRF9LRVlfSUQgSWRlbnRpdHkgUGF5bG9hZCBNVVNUIE5PVCBiZSB1c2VkLg0KTkVX DQogICAgIC0gQ29uZm9ybWFudCBpU0NTSSBpbXBsZW1lbnRhdGlvbnMgb2YgSUtFdjEgTVVTVCBz dXBwb3J0IE1haW4gTW9kZQ0KICAgICAgIGFuZCBTSE9VTEQgc3VwcG9ydCBBZ2dyZXNzaXZlIE1v ZGUuIE1haW4gTW9kZSB3aXRoIHByZS0NCiAgICAgICBzaGFyZWQga2V5IGF1dGhlbnRpY2F0aW9u IG1ldGhvZCBTSE9VTEQgTk9UIGJlIHVzZWQgd2hlbg0KICAgICAgIGVpdGhlciB0aGUgaW5pdGlh dG9yIG9yIHRoZSB0YXJnZXQgdXNlcyBkeW5hbWljYWxseSBhc3NpZ25lZA0KICAgICAgIElQIGFk ZHJlc3Nlcy4gV2hpbGUgaW4gbWFueSBjYXNlcyBwcmUtc2hhcmVkIGtleXMgb2ZmZXIgZ29vZA0K ICAgICAgIHNlY3VyaXR5LCBzaXR1YXRpb25zIGluIHdoaWNoIGR5bmFtaWNhbGx5IGFzc2lnbmVk IGFkZHJlc3Nlcw0KICAgICAgIGFyZSB1c2VkIGZvcmNlIHRoZSB1c2Ugb2YgYSBncm91cCBwcmUt c2hhcmVkIGtleSwgd2hpY2gNCiAgICAgICBjcmVhdGVzIHZ1bG5lcmFiaWxpdHkgdG8gYSBtYW4t aW4tdGhlLW1pZGRsZSBhdHRhY2suDQoNCiAgICAgLSBJbiB0aGUgSUtFdjEgUGhhc2UgMiBRdWlj ayBNb2RlLCBleGNoYW5nZXMgZm9yIGNyZWF0aW5nIHRoZQ0KICAgICAgIFBoYXNlIDIgU0EsIHRo ZSBJZGVudGlmaWNhdGlvbiBQYXlsb2FkIE1VU1QgYmUgcHJlc2VudC4NCg0KICAgIC0gVGhlIGZv bGxvd2luZyBpZGVudGlmaWNhdGlvbiB0eXBlIHJlcXVpcmVtZW50cyBhcHBseSB0byBJS0V2MS4N CiAgICAgICBJRF9JUFY0X0FERFIsIElEX0lQVjZfQUREUiAoaWYgdGhlIHByb3RvY29sIHN0YWNr IHN1cHBvcnRzDQogICAgICAgSVB2NikgYW5kIElEX0ZRRE4gSWRlbnRpZmljYXRpb24gVHlwZXMg TVVTVCBiZSBzdXBwb3J0ZWQ7DQogICAgICAgSURfVVNFUl9GUUROIFNIT1VMRCBiZSBzdXBwb3J0 ZWQuIFRoZSBJUCBTdWJuZXQsIElQIEFkZHJlc3MNCiAgICAgICBSYW5nZSwgSURfREVSX0FTTjFf RE4sIGFuZCBJRF9ERVJfQVNOMV9HTiBJZGVudGlmaWNhdGlvbiBUeXBlcw0KICAgICAgIFNIT1VM RCBOT1QgYmUgdXNlZC4gVGhlIElEX0tFWV9JRCBJZGVudGlmaWNhdGlvbiBUeXBlIE1VU1QgTk9U DQogICAgICAgYmUgdXNlZC4NCg0KICAgICAtIElmIElLRXYyIGlzIHN1cHBvcnRlZCwgdGhlIGZv bGxvd2luZyBpZGVudGlmaWNhdGlvbiByZXF1aXJlbWVudHMNCiAgICAgICBhcHBseS4gSURfSVBW NF9BRERSLCBJRF9JUFY2X0FERFIgKGlmIHRoZSBwcm90b2NvbCBzdGFjayBzdXBwb3J0cw0KICAg ICAgIElQdjYpIGFuZCBJRF9GUUROIElkZW50aWZpY2F0aW9uIFR5cGVzIE1VU1QgYmUgc3VwcG9y dGVkOw0KICAgICAgIElEX1JGQzgyMl9BRERSIFNIT1VMRCBiZSBzdXBwb3J0ZWQuIFRoZSBJRF9E RVJfQVNOMV9ETiwgYW5kDQogICAgICAgSURfREVSX0FTTjFfR04gSWRlbnRpZmljYXRpb24gVHlw ZXMgU0hPVUxEIE5PVCBiZSB1c2VkLiBUaGUNCiAgICAgICBJRF9LRVlfSUQgSWRlbnRpZmljYXRp b24gVHlwZSBNVVNUIE5PVCBiZSB1c2VkLg0KRU5EDQoNCiAgTWFudWFsIGNyeXB0b2dyYXBoaWMg a2V5aW5nIE1VU1QgTk9UIGJlIHVzZWQgYmVjYXVzZSBpdCBkb2VzIG5vdA0KICBwcm92aWRlIHRo ZSBuZWNlc3NhcnkgcmUta2V5aW5nIHN1cHBvcnQuDQoNCk9MRA0KICBXaGVuIElQc2VjIGlzIHVz ZWQsIHRoZSByZWNlaXB0IG9mIGFuIElLRSBQaGFzZSAyIGRlbGV0ZSBtZXNzYWdlDQogIFNIT1VM RCBOT1QgYmUgaW50ZXJwcmV0ZWQgYXMgYSByZWFzb24gZm9yIHRlYXJpbmcgZG93biB0aGUgaVND U0kNCiAgVENQIGNvbm5lY3Rpb24uIElmIGFkZGl0aW9uYWwgdHJhZmZpYyBpcyBzZW50IG9uIGl0 LCBhIG5ldyBJS0UNCiAgUGhhc2UgMiBTQSB3aWxsIGJlIGNyZWF0ZWQgdG8gcHJvdGVjdCBpdC4N Ck5FVw0KICBXaGVuIElQc2VjIGlzIHVzZWQsIHRoZSByZWNlaXB0IG9mIGFuIElLRXYxIFBoYXNl IDIgZGVsZXRlIG1lc3NhZ2UNCiAgb3IgYW4gSUtFdjIgSU5GT1JNQVRJT05BTCBleGNoYW5nZSB0 aGF0IGRlbGV0ZXMgdGhlIFNBDQogIFNIT1VMRCBOT1QgYmUgaW50ZXJwcmV0ZWQgYXMgYSByZWFz b24gZm9yIHRlYXJpbmcgZG93biB0aGUgaVNDU0kNCiAgVENQIGNvbm5lY3Rpb24uIElmIGFkZGl0 aW9uYWwgdHJhZmZpYyBpcyBzZW50IG9uIGl0LCBhIG5ldyBJS0UNCiAgUGhhc2UgMiBTQSB3aWxs IGJlIGNyZWF0ZWQgdG8gcHJvdGVjdCBpdC4NCkVORA0KDQogIFRoZSBtZXRob2QgdXNlZCBieSB0 aGUgaW5pdGlhdG9yIHRvIGRldGVybWluZSB3aGV0aGVyIHRoZSB0YXJnZXQNCiAgc2hvdWxkIGJl IGNvbm5lY3RlZCB1c2luZyBJUHNlYyBpcyByZWdhcmRlZCBhcyBhbiBpc3N1ZSBvZiBJUHNlYw0K ICBwb2xpY3kgYWRtaW5pc3RyYXRpb24sIGFuZCB0aHVzIG5vdCBkZWZpbmVkIGluIHRoZSBpU0NT SSBzdGFuZGFyZC4NCk5FVw0KICBUaGUgbWV0aG9kIHVzZWQgYnkgYW4gaW5pdGlhdG9yIHRoYXQg c3VwcG9ydHMgYm90aCBJUHNlYyB2MiBhbmQgdjMNCiAgdG8gZGV0ZXJtaW5lIHdoaWNoIHZlcnNp b25zIG9mIElQc2VjIGFyZSBzdXBwb3J0ZWQgYnkgdGhlIHRhcmdldA0KICBpcyBhbHNvIHJlZ2Fy ZGVkIGFzIGFuIGlzc3VlIG9mIElQc2VjIHBvbGljeSBhZG1pbmlzdHJhdGlvbiwgYW5kDQogIHRo dXMgbm90IGRlZmluZWQgaW4gdGhlIGlTQ1NJIHN0YW5kYXJkLiAgSWYgYm90aCBJUHNlYyB2MiBh bmQgdjMNCiAgYXJlIHN1cHBvcnRlZCBieSBib3RoIHRoZSBpbml0aWF0b3IgYW5kIHRhcmdldCwg dXNlIG9mIElQc2VjIHYzDQogIGlzIHJlY29tbWVuZGVkLg0KRU5EDQoNCiAgSWYgYW4gaVNDU0kg dGFyZ2V0IGlzIGRpc2NvdmVyZWQgdmlhIGEgU2VuZFRhcmdldHMgcmVxdWVzdCBpbiBhDQogIGRp c2NvdmVyeSBzZXNzaW9uIG5vdCB1c2luZyBJUHNlYywgdGhlIGluaXRpYXRvciBzaG91bGQgYXNz dW1lDQogIHRoYXQgaXQgZG9lcyBub3QgbmVlZCBJUHNlYyB0byBlc3RhYmxpc2ggYSBzZXNzaW9u IHRvIHRoYXQgdGFyZ2V0Lg0KICBJZiBhbiBpU0NTSSB0YXJnZXQgaXMgZGlzY292ZXJlZCB1c2lu ZyBhIGRpc2NvdmVyeSBzZXNzaW9uIHRoYXQNCiAgZG9lcyB1c2UgSVBzZWMsIHRoZSBpbml0aWF0 b3IgU0hPVUxEIHVzZSBJUHNlYyB3aGVuIGVzdGFibGlzaGluZyBhDQogIHNlc3Npb24gdG8gdGhh dCB0YXJnZXQuDQo= --_002_7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1MX14Acorpemcc_-- From internet-drafts@ietf.org Wed Oct 19 15:29:06 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7794211E80B6; Wed, 19 Oct 2011 15:29:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.582 X-Spam-Level: X-Spam-Status: No, score=-102.582 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r9k5S3o54PnB; Wed, 19 Oct 2011 15:29:06 -0700 (PDT) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 19B8A11E808A; Wed, 19 Oct 2011 15:29:06 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.61 Message-ID: <20111019222906.6542.92286.idtracker@ietfa.amsl.com> Date: Wed, 19 Oct 2011 15:29:06 -0700 Cc: storm@ietf.org Subject: [storm] I-D Action: draft-ietf-storm-rddp-registries-00.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Oct 2011 22:29:06 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the STORage Maintenance Working Group of = the IETF. Title : IANA Registries for the RDDP (Remote Direct Data Placeme= nt) Protocols Author(s) : Michael Ko David L. Black Filename : draft-ietf-storm-rddp-registries-00.txt Pages : 11 Date : 2011-10-19 The original RFCs that specified the RDDP protocol suite did not create IANA registries for RDDP error codes, operation codes and function codes. Extensions to the RDDP protocols now require these registries to be created. This memo creates the RDDP registries, populates them with values defined in the original RDDP RFCs, and provides guidance to IANA for future assignment of code points within these registries. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-rddp-registries-00.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-rddp-registries-00.txt From cbm@chadalapaka.com Wed Oct 19 18:46:28 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02F701F0C4D for ; Wed, 19 Oct 2011 18:46:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.949 X-Spam-Level: X-Spam-Status: No, score=-1.949 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6mYRuFIYhI+V for ; Wed, 19 Oct 2011 18:46:27 -0700 (PDT) Received: from snt0-omc3-s24.snt0.hotmail.com (snt0-omc3-s24.snt0.hotmail.com [65.55.90.163]) by ietfa.amsl.com (Postfix) with ESMTP id 66EDD1F0C4B for ; Wed, 19 Oct 2011 18:46:27 -0700 (PDT) Received: from SNT131-DS18 ([65.55.90.137]) by snt0-omc3-s24.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 19 Oct 2011 18:46:26 -0700 X-Originating-IP: [131.107.0.94] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: , References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> Date: Wed, 19 Oct 2011 18:46:25 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQFuBqClpMPcT3PPU9Tf+R4RqFZPZAFpfFlKljYtaMA= Content-Language: en-us X-OriginalArrivalTime: 20 Oct 2011 01:46:26.0905 (UTC) FILETIME=[14B81C90:01CC8ECA] Subject: Re: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2011 01:46:28 -0000 Hi David, Many thanks for proposing the new text. I have read through the = proposed changes, and they all look consistent with the top-level summary you = have provided below. With respect to #2 below (implementations at 1Gbps or higher), I am = reading your new text to mean different from your summary, I may just be = misreading however. =20 Previous text required "MUST implement" of sequence number extension = even with IKEv1. The new text seems to limit the MUST requirement just to = those that use IKEv2 - "... iSCSI implementation that is capable of operating = at speeds of 1 Gbps and that implements both IKEv2..." IMHO, the older = text already seems to have the requisite force you summarized below under #2. Please correct if I'm off in the weeds here.... Thanks. Mallikarjun -----Original Message----- From: david.black@emc.com [mailto:david.black@emc.com]=20 Sent: Wednesday, October 19, 2011 3:04 PM To: cbm@chadalapaka.com; storm@ietf.org Subject: New IPsec security text for iSCSI The attached text file contains the new security text for the iSCSI consolidated draft, with differences marked against the -03 version of = that draft. The primary changes are to rewrite the IPsec requirements as previously announced: - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). In addition, I have made the following three IPsec requirements changes = that seemed appropriate - an important purpose of this message is to solicit comments on them (including any objections): 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES GCM is (IMHO) a better choice than the combination of AES CBC MAC with XCBC and AES CTR, but I did not remove the SHOULD recommendations for the latter two (FWIW, both of these SHOULD be implemented for IKEv2, see RFC 4307). 2) For implementations expected to operate at 1Gbps or greater: If ESPv3 (part of IPsec v3) is implemented, extended (64-bit) sequence numbers MUST be implemented and SHOULD be used (RFC 3720 indicated that this requirement was coming, so here it is ...). 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be used). The reason for this change should be obvious ;-). I also added a paragraph to indicate that determination of which = versions of IPsec are supported by a target is out of scope, but if both initiator = and target support both IPsec v2 and v3, then use of v3 is recommended = [lower case, this is deliberate]. Note that RFC 3723 needs to be added to the list of RFCs that are = updated by the iSCSI consolidated draft. There will be a number of references that will need to be added - I didn't put those into the attached text file. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) = 293-7786 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- From david.black@emc.com Thu Oct 20 05:30:32 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D921721F8B32 for ; Thu, 20 Oct 2011 05:30:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LngEBZOCahXv for ; Thu, 20 Oct 2011 05:30:32 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 28C1121F8ADE for ; Thu, 20 Oct 2011 05:30:31 -0700 (PDT) Received: from hop04-l1d11-si03.isus.emc.com (HOP04-L1D11-SI03.isus.emc.com [10.254.111.23]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9KCUPsQ020388 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 20 Oct 2011 08:30:26 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.129]) by hop04-l1d11-si03.isus.emc.com (RSA Interceptor); Thu, 20 Oct 2011 08:30:10 -0400 Received: from mxhub15.corp.emc.com (mxhub15.corp.emc.com [128.221.56.104]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9KCUAt8028075; Thu, 20 Oct 2011 08:30:10 -0400 Received: from mxhub39.corp.emc.com (128.222.70.106) by mxhub15.corp.emc.com (128.221.56.104) with Microsoft SMTP Server (TLS) id 8.2.254.0; Thu, 20 Oct 2011 08:30:10 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub39.corp.emc.com ([128.222.70.106]) with mapi; Thu, 20 Oct 2011 08:30:09 -0400 From: To: , Date: Thu, 20 Oct 2011 08:30:06 -0400 Thread-Topic: New IPsec security text for iSCSI Thread-Index: AQFuBqClpMPcT3PPU9Tf+R4RqFZPZAFpfFlKljYtaMCAAL4asA== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073B40@MX14A.corp.emc.com> References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: Re: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2011 12:30:33 -0000 Hi Mallikarjun, The previous text in -03 of the consolidated draft was incorrect (sorry). The problem is that 64-bit sequence numbers only exist in ESPv3 (part of IPsec v3), and can only be turned on by IKEv2 (part of IPsec v3) - use of IKEv1 or ESPv2 (part of IPsec v2) always results in use of 32 bit sequence numbers. So, the result is: - ESPv2 sequence numbers are always 32 bits (for both IKEv1 and IKEv2). - IKEv1 + ESPv3 is limited to 32 bit sequence numbers. - IKEv2 + ESPv3 is required in order to use 64 bit sequence numbers. Thanks, --David > -----Original Message----- > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > Sent: Wednesday, October 19, 2011 9:46 PM > To: Black, David; storm@ietf.org > Subject: RE: New IPsec security text for iSCSI >=20 > Hi David, >=20 > Many thanks for proposing the new text. I have read through the proposed > changes, and they all look consistent with the top-level summary you have > provided below. >=20 > With respect to #2 below (implementations at 1Gbps or higher), I am readi= ng > your new text to mean different from your summary, I may just be misreadi= ng > however. >=20 > Previous text required "MUST implement" of sequence number extension even > with IKEv1. The new text seems to limit the MUST requirement just to tho= se > that use IKEv2 - "... iSCSI implementation that is capable of operating = at > speeds of 1 Gbps and that implements both IKEv2..." IMHO, the older te= xt > already seems to have the requisite force you summarized below under #2. > Please correct if I'm off in the weeds here.... >=20 > Thanks. >=20 > Mallikarjun >=20 >=20 >=20 >=20 >=20 >=20 > -----Original Message----- > From: david.black@emc.com [mailto:david.black@emc.com] > Sent: Wednesday, October 19, 2011 3:04 PM > To: cbm@chadalapaka.com; storm@ietf.org > Subject: New IPsec security text for iSCSI >=20 > The attached text file contains the new security text for the iSCSI > consolidated draft, with differences marked against the -03 version of th= at > draft. The primary changes are to rewrite the IPsec requirements as > previously announced: >=20 > - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). > - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). >=20 > In addition, I have made the following three IPsec requirements changes t= hat > seemed appropriate - an important purpose of this message is to solicit > comments on them (including any objections): >=20 > 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES GCM i= s > (IMHO) a better choice than the combination of AES CBC MAC with XCBC > and AES CTR, but I did not remove the SHOULD recommendations for > the latter two (FWIW, both of these SHOULD be implemented for IKEv2, > see RFC 4307). > 2) For implementations expected to operate at 1Gbps or greater: If ESPv3 > (part of IPsec v3) is implemented, extended (64-bit) sequence numbers > MUST be implemented and SHOULD be used (RFC 3720 indicated that this > requirement was coming, so here it is ...). > 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be used)= . > The reason for this change should be obvious ;-). >=20 > I also added a paragraph to indicate that determination of which versions= of > IPsec are supported by a target is out of scope, but if both initiator an= d > target support both IPsec v2 and v3, then use of v3 is recommended [lower > case, this is deliberate]. >=20 > Note that RFC 3723 needs to be added to the list of RFCs that are updated= by > the iSCSI consolidated draft. There will be a number of references that > will need to be added - I didn't put those into the attached text file. >=20 > Thanks, > --David > ---------------------------------------------------- > David L. Black, Distinguished Engineer > EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 > +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-7= 786 > david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 > ---------------------------------------------------- >=20 >=20 From cbm@chadalapaka.com Thu Oct 20 10:43:00 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F06C321F8C07 for ; Thu, 20 Oct 2011 10:42:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.166 X-Spam-Level: X-Spam-Status: No, score=-2.166 tagged_above=-999 required=5 tests=[AWL=0.434, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eaFy-voE7Z4H for ; Thu, 20 Oct 2011 10:42:59 -0700 (PDT) Received: from snt0-omc3-s41.snt0.hotmail.com (snt0-omc3-s41.snt0.hotmail.com [65.54.51.78]) by ietfa.amsl.com (Postfix) with ESMTP id 257E921F8B84 for ; Thu, 20 Oct 2011 10:42:58 -0700 (PDT) Received: from SNT131-DS17 ([65.55.90.136]) by snt0-omc3-s41.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 20 Oct 2011 10:42:59 -0700 X-Originating-IP: [131.107.0.94] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: , References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> <7C4DFCE962635144B8FAE8CA11D0BF1E058D073B40@MX14A.corp.emc.com> In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073B40@MX14A.corp.emc.com> Date: Thu, 20 Oct 2011 10:42:57 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQFuBqClpMPcT3PPU9Tf+R4RqFZPZAFpfFlKALIsbwsBX2xlFZYmsrPQ Content-Language: en-us X-OriginalArrivalTime: 20 Oct 2011 17:42:59.0233 (UTC) FILETIME=[B5366110:01CC8F4F] Subject: Re: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2011 17:43:00 -0000 OK, thanks David. That explains it, :) I have traced this issue back to an email conversation with Julian from 11/07 where we've agreed to bump this up to a MUST for the same reasons you've articulated below. In clear hindsight however, l should have confirmed that IKEv1 cannot support 64-bit sequence numbers and should = have added the cross-reference to IKEv2, my bad. In any case, it's good to clean this up now. I will wait for list = feedback for a few more days, before adding this text to the draft. Draft = submission cut-off date for Taipei IETF is only a few days away. Thanks. Mallikarjun -----Original Message----- From: david.black@emc.com [mailto:david.black@emc.com]=20 Sent: Thursday, October 20, 2011 5:30 AM To: cbm@chadalapaka.com; storm@ietf.org Subject: RE: New IPsec security text for iSCSI Hi Mallikarjun, The previous text in -03 of the consolidated draft was incorrect = (sorry). The problem is that 64-bit sequence numbers only exist in ESPv3 (part of IPsec v3), and can only be turned on by IKEv2 (part of IPsec v3) - use = of IKEv1 or ESPv2 (part of IPsec v2) always results in use of 32 bit = sequence numbers. So, the result is: - ESPv2 sequence numbers are always 32 bits (for both IKEv1 and IKEv2). - IKEv1 + ESPv3 is limited to 32 bit sequence numbers. - IKEv2 + ESPv3 is required in order to use 64 bit sequence numbers. Thanks, --David > -----Original Message----- > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > Sent: Wednesday, October 19, 2011 9:46 PM > To: Black, David; storm@ietf.org > Subject: RE: New IPsec security text for iSCSI >=20 > Hi David, >=20 > Many thanks for proposing the new text. I have read through the=20 > proposed changes, and they all look consistent with the top-level=20 > summary you have provided below. >=20 > With respect to #2 below (implementations at 1Gbps or higher), I am=20 > reading your new text to mean different from your summary, I may just=20 > be misreading however. >=20 > Previous text required "MUST implement" of sequence number extension=20 > even with IKEv1. The new text seems to limit the MUST requirement=20 > just to those that use IKEv2 - "... iSCSI implementation that is = capable of operating at > speeds of 1 Gbps and that implements both IKEv2..." IMHO, the older text > already seems to have the requisite force you summarized below under = #2. > Please correct if I'm off in the weeds here.... >=20 > Thanks. >=20 > Mallikarjun >=20 >=20 >=20 >=20 >=20 >=20 > -----Original Message----- > From: david.black@emc.com [mailto:david.black@emc.com] > Sent: Wednesday, October 19, 2011 3:04 PM > To: cbm@chadalapaka.com; storm@ietf.org > Subject: New IPsec security text for iSCSI >=20 > The attached text file contains the new security text for the iSCSI=20 > consolidated draft, with differences marked against the -03 version of = > that draft. The primary changes are to rewrite the IPsec requirements = > as previously announced: >=20 > - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). > - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). >=20 > In addition, I have made the following three IPsec requirements=20 > changes that seemed appropriate - an important purpose of this message = > is to solicit comments on them (including any objections): >=20 > 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES GCM is > (IMHO) a better choice than the combination of AES CBC MAC with XCBC > and AES CTR, but I did not remove the SHOULD recommendations for > the latter two (FWIW, both of these SHOULD be implemented for IKEv2, > see RFC 4307). > 2) For implementations expected to operate at 1Gbps or greater: If ESPv3 > (part of IPsec v3) is implemented, extended (64-bit) sequence numbers > MUST be implemented and SHOULD be used (RFC 3720 indicated that this > requirement was coming, so here it is ...). > 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be used). > The reason for this change should be obvious ;-). >=20 > I also added a paragraph to indicate that determination of which=20 > versions of IPsec are supported by a target is out of scope, but if=20 > both initiator and target support both IPsec v2 and v3, then use of v3 = > is recommended [lower case, this is deliberate]. >=20 > Note that RFC 3723 needs to be added to the list of RFCs that are=20 > updated by the iSCSI consolidated draft. There will be a number of=20 > references that will need to be added - I didn't put those into the attached text file. >=20 > Thanks, > --David > ---------------------------------------------------- > David L. Black, Distinguished Engineer EMC Corporation, 176 South St., = > Hopkinton, MA=A0 01748 > +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) = 293-7786 > david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 > ---------------------------------------------------- >=20 >=20 From david.black@emc.com Thu Oct 20 12:01:33 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D0551F0C4C for ; Thu, 20 Oct 2011 12:01:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kVRNC0KZAVJR for ; Thu, 20 Oct 2011 12:01:32 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 9AEF11F0C35 for ; Thu, 20 Oct 2011 12:01:22 -0700 (PDT) Received: from hop04-l1d11-si03.isus.emc.com (HOP04-L1D11-SI03.isus.emc.com [10.254.111.23]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9KJ1JQ5005621 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 20 Oct 2011 15:01:19 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.130]) by hop04-l1d11-si03.isus.emc.com (RSA Interceptor); Thu, 20 Oct 2011 15:01:16 -0400 Received: from mxhub32.corp.emc.com (mxhub32.corp.emc.com [128.222.70.172]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9KJ1FIF031165; Thu, 20 Oct 2011 15:01:16 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub32.corp.emc.com ([128.222.70.172]) with mapi; Thu, 20 Oct 2011 15:01:15 -0400 From: To: , Date: Thu, 20 Oct 2011 15:01:15 -0400 Thread-Topic: New IPsec security text for iSCSI Thread-Index: AQFuBqClpMPcT3PPU9Tf+R4RqFZPZAFpfFlKALIsbwsBX2xlFZYmsrPQgAAcYAA= Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073D45@MX14A.corp.emc.com> References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> <7C4DFCE962635144B8FAE8CA11D0BF1E058D073B40@MX14A.corp.emc.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: Re: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2011 19:01:33 -0000 Great - please make sure that these security requirements changes are added to the section that summarizes changes from previous RFCs. Thanks, --David > -----Original Message----- > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > Sent: Thursday, October 20, 2011 1:43 PM > To: Black, David; storm@ietf.org > Subject: RE: New IPsec security text for iSCSI >=20 > OK, thanks David. That explains it, :) >=20 > I have traced this issue back to an email conversation with Julian from > 11/07 where we've agreed to bump this up to a MUST for the same reasons > you've articulated below. In clear hindsight however, l should have > confirmed that IKEv1 cannot support 64-bit sequence numbers and should ha= ve > added the cross-reference to IKEv2, my bad. >=20 > In any case, it's good to clean this up now. I will wait for list feedba= ck > for a few more days, before adding this text to the draft. Draft submiss= ion > cut-off date for Taipei IETF is only a few days away. >=20 > Thanks. >=20 > Mallikarjun >=20 >=20 >=20 > -----Original Message----- > From: david.black@emc.com [mailto:david.black@emc.com] > Sent: Thursday, October 20, 2011 5:30 AM > To: cbm@chadalapaka.com; storm@ietf.org > Subject: RE: New IPsec security text for iSCSI >=20 > Hi Mallikarjun, >=20 > The previous text in -03 of the consolidated draft was incorrect (sorry). >=20 > The problem is that 64-bit sequence numbers only exist in ESPv3 (part of > IPsec v3), and can only be turned on by IKEv2 (part of IPsec v3) - use of > IKEv1 or ESPv2 (part of IPsec v2) always results in use of 32 bit sequenc= e > numbers. So, the result is: >=20 > - ESPv2 sequence numbers are always 32 bits (for both IKEv1 and IKEv2). > - IKEv1 + ESPv3 is limited to 32 bit sequence numbers. > - IKEv2 + ESPv3 is required in order to use 64 bit sequence numbers. >=20 > Thanks, > --David >=20 > > -----Original Message----- > > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > > Sent: Wednesday, October 19, 2011 9:46 PM > > To: Black, David; storm@ietf.org > > Subject: RE: New IPsec security text for iSCSI > > > > Hi David, > > > > Many thanks for proposing the new text. I have read through the > > proposed changes, and they all look consistent with the top-level > > summary you have provided below. > > > > With respect to #2 below (implementations at 1Gbps or higher), I am > > reading your new text to mean different from your summary, I may just > > be misreading however. > > > > Previous text required "MUST implement" of sequence number extension > > even with IKEv1. The new text seems to limit the MUST requirement > > just to those that use IKEv2 - "... iSCSI implementation that is capabl= e of operating at > > speeds of 1 Gbps and that implements both IKEv2..." IMHO, the older te= xt > > already seems to have the requisite force you summarized below under #2= . > > Please correct if I'm off in the weeds here.... > > > > Thanks. > > > > Mallikarjun > > > > > > > > > > > > > > -----Original Message----- > > From: david.black@emc.com [mailto:david.black@emc.com] > > Sent: Wednesday, October 19, 2011 3:04 PM > > To: cbm@chadalapaka.com; storm@ietf.org > > Subject: New IPsec security text for iSCSI > > > > The attached text file contains the new security text for the iSCSI > > consolidated draft, with differences marked against the -03 version of > > that draft. The primary changes are to rewrite the IPsec requirements > > as previously announced: > > > > - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). > > - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). > > > > In addition, I have made the following three IPsec requirements > > changes that seemed appropriate - an important purpose of this message > > is to solicit comments on them (including any objections): > > > > 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES GCM= is > > (IMHO) a better choice than the combination of AES CBC MAC with XCBC > > and AES CTR, but I did not remove the SHOULD recommendations for > > the latter two (FWIW, both of these SHOULD be implemented for IKEv2, > > see RFC 4307). > > 2) For implementations expected to operate at 1Gbps or greater: If ESP= v3 > > (part of IPsec v3) is implemented, extended (64-bit) sequence numbers > > MUST be implemented and SHOULD be used (RFC 3720 indicated that this > > requirement was coming, so here it is ...). > > 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be use= d). > > The reason for this change should be obvious ;-). > > > > I also added a paragraph to indicate that determination of which > > versions of IPsec are supported by a target is out of scope, but if > > both initiator and target support both IPsec v2 and v3, then use of v3 > > is recommended [lower case, this is deliberate]. > > > > Note that RFC 3723 needs to be added to the list of RFCs that are > > updated by the iSCSI consolidated draft. There will be a number of > > references that will need to be added - I didn't put those into the > > attached text file. > > > > Thanks, > > --David > > ---------------------------------------------------- > > David L. Black, Distinguished Engineer EMC Corporation, 176 South St., > > Hopkinton, MA=A0 01748 > > +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293= -7786 > > david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 > > ---------------------------------------------------- > > > > >=20 >=20 From ttalpey@microsoft.com Fri Oct 21 12:05:03 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1600721F8BA8 for ; Fri, 21 Oct 2011 12:05:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -110.599 X-Spam-Level: X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S6oahioSP1H6 for ; Fri, 21 Oct 2011 12:05:02 -0700 (PDT) Received: from smtp.microsoft.com (mail3.microsoft.com [131.107.115.214]) by ietfa.amsl.com (Postfix) with ESMTP id 7F93721F8B92 for ; Fri, 21 Oct 2011 12:05:02 -0700 (PDT) Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (157.54.79.159) by TK5-EXGWY-E803.partners.extranet.microsoft.com (10.251.56.169) with Microsoft SMTP Server (TLS) id 8.2.176.0; Fri, 21 Oct 2011 12:05:02 -0700 Received: from TK5EX14MBXC118.redmond.corp.microsoft.com ([169.254.9.73]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.01.0339.002; Fri, 21 Oct 2011 12:05:01 -0700 From: Tom Talpey To: "storm@ietf.org" Thread-Topic: WG Last Call - RDDP registries Thread-Index: AcyQIZ9GrcM5E+JESbe7RIuFF0Mv9A== Importance: high X-Priority: 1 Date: Fri, 21 Oct 2011 19:05:01 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [157.54.51.35] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [storm] WG Last Call - RDDP registries X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Oct 2011 19:05:03 -0000 This message is to announce the STORM working group Last Call on the follow= ing document: IANA Registries for the RDDP (Remote Direct Data Placement) Protocols draft-ietf-storm-rddp-registries-00.txt http://tools.ietf.org/wg/storm/draft-ietf-storm-rddp-registries/ This draft is very recently published, and is required to create an IANA re= gistry for the RDDP protocols, to support the publication of the MPA draft = (http://tools.ietf.org/wg/storm/draft-ietf-storm-mpa-peer-connect/) and oth= ers which may arise in the future. The following messages have more detail:= =20 http://www.ietf.org/mail-archive/web/storm/current/msg00414.html http://www.ietf.org/mail-archive/web/storm/current/msg00420.html This Last Call, accordingly, will be conducted promptly in order that the d= ocument may be in place by the Taipei IETF meeting and if so, to allow adva= ncement of the MPA draft. Last Call comments are due by Friday, November 4 at midnight Eastern time (= two weeks from today). Please send all technical comments to the storm mailing list: storm@ietf.or= g Editorial comments may be sent directly to the draft authors: draft-ietf-st= orm-rddp-registries@tools.ietf.org Thanks in advance for the WG's prompt review. :-) Tom Talpey STORM WG co-chair From internet-drafts@ietf.org Fri Oct 21 20:12:53 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59D9621F85C7; Fri, 21 Oct 2011 20:12:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.579 X-Spam-Level: X-Spam-Status: No, score=-102.579 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RuaaWw2Ob19E; Fri, 21 Oct 2011 20:12:52 -0700 (PDT) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D94A821F85AA; Fri, 21 Oct 2011 20:12:52 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.61 Message-ID: <20111022031252.4837.88204.idtracker@ietfa.amsl.com> Date: Fri, 21 Oct 2011 20:12:52 -0700 Cc: storm@ietf.org Subject: [storm] I-D Action: draft-ietf-storm-mpa-peer-connect-08.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2011 03:12:53 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the STORage Maintenance Working Group of = the IETF. Title : Enhanced RDMA Connection Establishment Author(s) : Arkady Kanevsky Caitlin Bestler Robert Sharp Steve Wise Filename : draft-ietf-storm-mpa-peer-connect-08.txt Pages : 24 Date : 2011-10-21 This document updates RFC 5043 and RFC 5044 by extending Marker Protocol Data Unit (PDU) Aligned Framing (MPA) negotiation for Remote Direct Memory Access (RDMA) connection establishment. The first enhancement extends RFC 5044, enabling peer-to-peer connection establishment over MPA/ Transmission Control Protocol (TCP). The second enhancement extends both RFC 5043 and RFC 5044, by providing an option for standardized exchange of RDMA-layer connection configuration. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-mpa-peer-connect-08.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-mpa-peer-connect-08.txt From internet-drafts@ietf.org Tue Oct 25 00:40:20 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47E1621F8B65; Tue, 25 Oct 2011 00:40:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.568 X-Spam-Level: X-Spam-Status: No, score=-102.568 tagged_above=-999 required=5 tests=[AWL=0.031, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M8pb0cHlXDxi; Tue, 25 Oct 2011 00:40:19 -0700 (PDT) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34A1521F8B2F; Tue, 25 Oct 2011 00:40:19 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.61 Message-ID: <20111025074019.15097.46974.idtracker@ietfa.amsl.com> Date: Tue, 25 Oct 2011 00:40:19 -0700 Cc: storm@ietf.org Subject: [storm] I-D Action: draft-ietf-storm-iscsimib-01.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Oct 2011 07:40:20 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the STORage Maintenance Working Group of = the IETF. Title : Definitions of Managed Objects for Internet Small Comput= er System Interface (iSCSI) Author(s) : Mark Bakke Prakash Venkatesen Filename : draft-ietf-storm-iscsimib-01.txt Pages : 86 Date : 2011-10-25 This document defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular, it defines objects for managing a client using the Internet Small Computer System Interface (iSCSI) protocol (SCSI over TCP). This document obsoletes RFC4544. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-iscsimib-01.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-storm-iscsimib-01.txt From david.black@emc.com Tue Oct 25 07:18:35 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D67B721F8A69 for ; Tue, 25 Oct 2011 07:18:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fsUDtgZC8UGh for ; Tue, 25 Oct 2011 07:18:35 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id CD55821F8922 for ; Tue, 25 Oct 2011 07:18:31 -0700 (PDT) Received: from hop04-l1d11-si01.isus.emc.com (HOP04-L1D11-SI01.isus.emc.com [10.254.111.54]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9PEISOB016817 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Oct 2011 10:18:28 -0400 Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.129]) by hop04-l1d11-si01.isus.emc.com (RSA Interceptor) for ; Tue, 25 Oct 2011 10:18:19 -0400 Received: from mxhub23.corp.emc.com (mxhub23.corp.emc.com [128.222.70.135]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9PEIJHg020710 for ; Tue, 25 Oct 2011 10:18:19 -0400 Received: from mxhub40.corp.emc.com (128.222.70.107) by mxhub23.corp.emc.com (128.222.70.135) with Microsoft SMTP Server (TLS) id 8.2.254.0; Tue, 25 Oct 2011 10:18:19 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub40.corp.emc.com ([128.222.70.107]) with mapi; Tue, 25 Oct 2011 10:18:18 -0400 From: To: Date: Tue, 25 Oct 2011 10:18:17 -0400 Thread-Topic: New IPsec security text for iSCSI Thread-Index: AQFuBqClpMPcT3PPU9Tf+R4RqFZPZAFpfFlKALIsbwsBX2xlFZYmsrPQgAAcYACAB4jsYA== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D0EF642@MX14A.corp.emc.com> References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073AB1@MX14A.corp.emc.com> <7C4DFCE962635144B8FAE8CA11D0BF1E058D073B40@MX14A.corp.emc.com> <7C4DFCE962635144B8FAE8CA11D0BF1E058D073D45@MX14A.corp.emc.com> In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058D073D45@MX14A.corp.emc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: Re: [storm] New IPsec security text for iSCSI X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Oct 2011 14:18:36 -0000 Mallikarjun, I think we've had enough "soak time" with no visible objections to go ahead= and use the new security text. Please post the revised draft sometime thi= s week. I do want to make one more minor change to the new security requirements. = I originally wrote: > 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. I want to change that to: 1) If IKEv2 is supported, then both AES GCM and AES GMAC SHOULD be impleme= nted. The reason for doing this is that GCM is a combined (encryption + integrity= ) mode, and GMAC is the integrity portion of GCM (i.e., the implementation impact of adding GMAC to the GCM r= ecommendation is minor). For completeness, here are the complete crypto requirements for the algorit= hms and modes with this change: Integrity: The IPsec implementation MUST fulfill the following iSCSI specific requirements: - HMAC-SHA1 MUST be implemented [RFC2404]. - AES CBC MAC with XCBC extensions SHOULD be implemented [RFC3566]. NEW - Implementations that support IKEv2 [RFC5996] SHOULD also implement AES GMAC [RFC4543]. END --> The change to add GMAC is in the block of NEW text immediately above. <= -- Encryption: with the following iSCSI specific requirements that apply to IPsec v2 and IPsec v3: END - 3DES in CBC mode MUST be implemented [RFC2451]. - AES in Counter mode SHOULD be implemented [RFC3686]. NEW - Implementations that support IKEv2 [RFC5996] SHOULD also implement AES GCM [RFC4106]. END Thanks, --David (storm WG co-chair) ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- > -----Original Message----- > From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf Of= david.black@emc.com > Sent: Thursday, October 20, 2011 3:01 PM > To: cbm@chadalapaka.com; storm@ietf.org > Subject: Re: [storm] New IPsec security text for iSCSI >=20 > Great - please make sure that these security requirements changes are > added to the section that summarizes changes from previous RFCs. >=20 > Thanks, > --David >=20 > > -----Original Message----- > > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > > Sent: Thursday, October 20, 2011 1:43 PM > > To: Black, David; storm@ietf.org > > Subject: RE: New IPsec security text for iSCSI > > > > OK, thanks David. That explains it, :) > > > > I have traced this issue back to an email conversation with Julian from > > 11/07 where we've agreed to bump this up to a MUST for the same reasons > > you've articulated below. In clear hindsight however, l should have > > confirmed that IKEv1 cannot support 64-bit sequence numbers and should = have > > added the cross-reference to IKEv2, my bad. > > > > In any case, it's good to clean this up now. I will wait for list feed= back > > for a few more days, before adding this text to the draft. Draft submi= ssion > > cut-off date for Taipei IETF is only a few days away. > > > > Thanks. > > > > Mallikarjun > > > > > > > > -----Original Message----- > > From: david.black@emc.com [mailto:david.black@emc.com] > > Sent: Thursday, October 20, 2011 5:30 AM > > To: cbm@chadalapaka.com; storm@ietf.org > > Subject: RE: New IPsec security text for iSCSI > > > > Hi Mallikarjun, > > > > The previous text in -03 of the consolidated draft was incorrect (sorry= ). > > > > The problem is that 64-bit sequence numbers only exist in ESPv3 (part o= f > > IPsec v3), and can only be turned on by IKEv2 (part of IPsec v3) - use = of > > IKEv1 or ESPv2 (part of IPsec v2) always results in use of 32 bit seque= nce > > numbers. So, the result is: > > > > - ESPv2 sequence numbers are always 32 bits (for both IKEv1 and IKEv2)= . > > - IKEv1 + ESPv3 is limited to 32 bit sequence numbers. > > - IKEv2 + ESPv3 is required in order to use 64 bit sequence numbers. > > > > Thanks, > > --David > > > > > -----Original Message----- > > > From: Mallikarjun Chadalapaka [mailto:cbm@chadalapaka.com] > > > Sent: Wednesday, October 19, 2011 9:46 PM > > > To: Black, David; storm@ietf.org > > > Subject: RE: New IPsec security text for iSCSI > > > > > > Hi David, > > > > > > Many thanks for proposing the new text. I have read through the > > > proposed changes, and they all look consistent with the top-level > > > summary you have provided below. > > > > > > With respect to #2 below (implementations at 1Gbps or higher), I am > > > reading your new text to mean different from your summary, I may just > > > be misreading however. > > > > > > Previous text required "MUST implement" of sequence number extension > > > even with IKEv1. The new text seems to limit the MUST requirement > > > just to those that use IKEv2 - "... iSCSI implementation that is capa= ble of operating at > > > speeds of 1 Gbps and that implements both IKEv2..." IMHO, the older = text > > > already seems to have the requisite force you summarized below under = #2. > > > Please correct if I'm off in the weeds here.... > > > > > > Thanks. > > > > > > Mallikarjun > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > From: david.black@emc.com [mailto:david.black@emc.com] > > > Sent: Wednesday, October 19, 2011 3:04 PM > > > To: cbm@chadalapaka.com; storm@ietf.org > > > Subject: New IPsec security text for iSCSI > > > > > > The attached text file contains the new security text for the iSCSI > > > consolidated draft, with differences marked against the -03 version o= f > > > that draft. The primary changes are to rewrite the IPsec requirement= s > > > as previously announced: > > > > > > - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). > > > - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). > > > > > > In addition, I have made the following three IPsec requirements > > > changes that seemed appropriate - an important purpose of this messag= e > > > is to solicit comments on them (including any objections): > > > > > > 1) If IKEv2 is supported, then AES GCM SHOULD be implemented. AES G= CM is > > > (IMHO) a better choice than the combination of AES CBC MAC with XCB= C > > > and AES CTR, but I did not remove the SHOULD recommendations for > > > the latter two (FWIW, both of these SHOULD be implemented for IKEv2= , > > > see RFC 4307). > > > 2) For implementations expected to operate at 1Gbps or greater: If E= SPv3 > > > (part of IPsec v3) is implemented, extended (64-bit) sequence numbe= rs > > > MUST be implemented and SHOULD be used (RFC 3720 indicated that thi= s > > > requirement was coming, so here it is ...). > > > 3) DES MUST NOT be used (RFC 3720 specified that DES SHOULD NOT be u= sed). > > > The reason for this change should be obvious ;-). > > > > > > I also added a paragraph to indicate that determination of which > > > versions of IPsec are supported by a target is out of scope, but if > > > both initiator and target support both IPsec v2 and v3, then use of v= 3 > > > is recommended [lower case, this is deliberate]. > > > > > > Note that RFC 3723 needs to be added to the list of RFCs that are > > > updated by the iSCSI consolidated draft. There will be a number of > > > references that will need to be added - I didn't put those into the > > > attached text file. > > > > > > Thanks, > > > --David > > > ---------------------------------------------------- > > > David L. Black, Distinguished Engineer EMC Corporation, 176 South St.= , > > > Hopkinton, MA=A0 01748 > > > +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 2= 93-7786 > > > david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 > > > ---------------------------------------------------- > > > > > > > > > > >=20 > _______________________________________________ > storm mailing list > storm@ietf.org > https://www.ietf.org/mailman/listinfo/storm From david.black@emc.com Tue Oct 25 07:52:58 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D97B221F8BB3 for ; Tue, 25 Oct 2011 07:52:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7idtMDcN-a7d for ; Tue, 25 Oct 2011 07:52:58 -0700 (PDT) Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by ietfa.amsl.com (Postfix) with ESMTP id 40C0521F8BB1 for ; Tue, 25 Oct 2011 07:52:58 -0700 (PDT) Received: from hop04-l1d11-si04.isus.emc.com (HOP04-L1D11-SI04.isus.emc.com [10.254.111.24]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9PEquwF026060 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Oct 2011 10:52:56 -0400 Received: from mailhub.lss.emc.com (mailhubhoprd03.lss.emc.com [10.254.221.145]) by hop04-l1d11-si04.isus.emc.com (RSA Interceptor) for ; Tue, 25 Oct 2011 10:52:47 -0400 Received: from mxhub28.corp.emc.com (mxhub28.corp.emc.com [10.254.110.184]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p9PEqkCK016877 for ; Tue, 25 Oct 2011 10:52:47 -0400 Received: from mx14a.corp.emc.com ([169.254.1.78]) by mxhub28.corp.emc.com ([10.254.110.184]) with mapi; Tue, 25 Oct 2011 10:52:46 -0400 From: To: Date: Tue, 25 Oct 2011 10:52:45 -0400 Thread-Topic: Another security change: DH group size Thread-Index: AcyTJcFMCy22USI0TWSAE1VEK6+9BA== Message-ID: <7C4DFCE962635144B8FAE8CA11D0BF1E058D0EF665@MX14A.corp.emc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-EMM-MHVC: 1 Subject: [storm] Another security change: DH group size X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Oct 2011 14:52:59 -0000 RFC 3723 recommends a DH group size of 1024 bits in some cases. This needs to change to the following (new text for the iSCSI consolidated draft): When DH groups are used, a DH group of at least 2048 bits SHOULD be offered as a part of all proposals to create IPsec Security Associations to protect iSCSI traffic. One of the more important reasons for this is NIST Publication 800-131A that mandates 2048 bit DH size after 2013. I don't think we need to cite that NIST publication, though. I think this is the last one ... Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) 293-778= 6 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- From cbm@chadalapaka.com Wed Oct 26 15:46:58 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB3EF11E80B0 for ; Wed, 26 Oct 2011 15:46:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.274 X-Spam-Level: X-Spam-Status: No, score=-2.274 tagged_above=-999 required=5 tests=[AWL=0.325, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XvUFSxZJYImj for ; Wed, 26 Oct 2011 15:46:58 -0700 (PDT) Received: from snt0-omc3-s49.snt0.hotmail.com (snt0-omc3-s49.snt0.hotmail.com [65.54.51.86]) by ietfa.amsl.com (Postfix) with ESMTP id 5532611E8083 for ; Wed, 26 Oct 2011 15:46:58 -0700 (PDT) Received: from SNT131-DS3 ([65.55.90.136]) by snt0-omc3-s49.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 26 Oct 2011 15:46:58 -0700 X-Originating-IP: [131.107.0.113] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: , References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D0EF665@MX14A.corp.emc.com> In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058D0EF665@MX14A.corp.emc.com> Date: Wed, 26 Oct 2011 15:46:56 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQKk/H1he7j1y5ZS5RYSFoBwMtus05PeaSPQ Content-Language: en-us X-OriginalArrivalTime: 26 Oct 2011 22:46:58.0584 (UTC) FILETIME=[2B30F980:01CC9431] Subject: Re: [storm] Another security change: DH group size X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Oct 2011 22:46:58 -0000 Sounds good. I will try to publish the updated draft in the next couple = of days. Thanks. Mallikarjun -----Original Message----- From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf = Of david.black@emc.com Sent: Tuesday, October 25, 2011 7:53 AM To: storm@ietf.org Subject: [storm] Another security change: DH group size RFC 3723 recommends a DH group size of 1024 bits in some cases. This needs to change to the following (new text for the iSCSI = consolidated draft): When DH groups are used, a DH group of at least 2048 bits SHOULD be offered as a part of all proposals to create IPsec Security Associations to protect iSCSI traffic. One of the more important reasons for this is NIST Publication 800-131A = that mandates 2048 bit DH size after 2013. I don't think we need to cite = that NIST publication, though. I think this is the last one ... Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) = 293-7786 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm From cbm@chadalapaka.com Thu Oct 27 09:53:59 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5C6F21F8B57 for ; Thu, 27 Oct 2011 09:53:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.339 X-Spam-Level: X-Spam-Status: No, score=-2.339 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BBOOHw24XCxA for ; Thu, 27 Oct 2011 09:53:59 -0700 (PDT) Received: from snt0-omc3-s23.snt0.hotmail.com (snt0-omc3-s23.snt0.hotmail.com [65.55.90.162]) by ietfa.amsl.com (Postfix) with ESMTP id 5F1F121F8AD8 for ; Thu, 27 Oct 2011 09:53:59 -0700 (PDT) Received: from SNT131-DS14 ([65.55.90.135]) by snt0-omc3-s23.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 27 Oct 2011 09:53:59 -0700 X-Originating-IP: [131.107.0.94] X-Originating-Email: [cbm@chadalapaka.com] Message-ID: From: Mallikarjun Chadalapaka To: , References: <7C4DFCE962635144B8FAE8CA11D0BF1E058D0EF665@MX14A.corp.emc.com> In-Reply-To: Date: Thu, 27 Oct 2011 09:53:57 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQKk/H1he7j1y5ZS5RYSFoBwMtus0wF0pdwWk9PzQEA= Content-Language: en-us X-OriginalArrivalTime: 27 Oct 2011 16:53:59.0287 (UTC) FILETIME=[05C27870:01CC94C9] Subject: Re: [storm] Another security change: DH group size X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Oct 2011 16:54:00 -0000 The candidate draft with the security text is now published: http://www.chadalapaka.com/Documents/candidate-draft-ietf-storm-iscsi-con= s-0 4.pdf=20 Please let me know of any feedback at the earliest. Thanks. Mallikarjun -----Original Message----- From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf = Of Mallikarjun Chadalapaka Sent: Wednesday, October 26, 2011 3:47 PM To: david.black@emc.com; storm@ietf.org Subject: Re: [storm] Another security change: DH group size Sounds good. I will try to publish the updated draft in the next couple = of days. Thanks. Mallikarjun -----Original Message----- From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf = Of david.black@emc.com Sent: Tuesday, October 25, 2011 7:53 AM To: storm@ietf.org Subject: [storm] Another security change: DH group size RFC 3723 recommends a DH group size of 1024 bits in some cases. This needs to change to the following (new text for the iSCSI = consolidated draft): When DH groups are used, a DH group of at least 2048 bits SHOULD be offered as a part of all proposals to create IPsec Security Associations to protect iSCSI traffic. One of the more important reasons for this is NIST Publication 800-131A = that mandates 2048 bit DH size after 2013. I don't think we need to cite = that NIST publication, though. I think this is the last one ... Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA=A0 01748 +1 (508) 293-7953=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 FAX: +1 (508) = 293-7786 david.black@emc.com=A0=A0=A0=A0=A0=A0=A0 Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm From Internet-Drafts@ietf.org Mon Oct 31 09:00:09 2011 Return-Path: X-Original-To: storm@ietfa.amsl.com Delivered-To: storm@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEF6721F8E2B; Mon, 31 Oct 2011 09:00:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.569 X-Spam-Level: X-Spam-Status: No, score=-102.569 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id icQ9AM5prJIh; Mon, 31 Oct 2011 09:00:06 -0700 (PDT) Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68F7511E80CE; Mon, 31 Oct 2011 09:00:05 -0700 (PDT) MIME-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.62 Message-ID: <20111031160005.9589.99075.idtracker@ietfa.amsl.com> Date: Mon, 31 Oct 2011 09:00:05 -0700 Cc: storm@ietf.org Subject: [storm] I-D ACTION:draft-ietf-storm-iscsi-cons-04.txt X-BeenThere: storm@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Storage Maintenance WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2011 16:00:09 -0000 --NextPart A new Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the STORage Maintenance Working Group of the IETF. Title : iSCSI Protocol (Consolidated) Author(s) : M. Chadalapaka, et al Filename : draft-ietf-storm-iscsi-cons-04.txt Pages : 342 Date : 2011-10-31 This document describes a transport protocol for SCSI that works on top of TCP. The iSCSI protocol aims to be fully compliant with the standardized SCSI Architecture Model (SAM-2). RFC 3720 defined the original iSCSI protocol. RFC 3721 discusses iSCSI Naming examples and discovery techniques. Subsequently, RFC 3980 added an additional naming format to iSCSI protocol. RFC 4850 followed up by adding a new public extension key to iSCSI. RFC 5048 offered a number of clarifications and a few improvements and corrections to the original iSCSI protocol. This document obsoletes RFCs 3720, 3980, 4850 and 5048 by consolidating them into a single document and making additional updates to the consolidated specification. This document also updates RFC 3721 and RFC 3723. The text in this document thus supersedes the text in all the noted RFCs wherever there is a difference in semantics. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-storm-iscsi-cons-04.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-storm-iscsi-cons-04.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2011-10-31085821.I-D@ietf.org> --NextPart--