Finding Fibre Channel over TCP/IP (FCIP) Entities Using Service Location Protocol version 2 (SLPv2)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, ips mailing list <firstname.lastname@example.org>, ips chair <email@example.com> Subject: Protocol Action: 'Finding FCIP Entities Using SLPv2' to Proposed Standard The IESG has approved the following document: - 'Finding FCIP Entities Using SLPv2 ' <draft-ietf-ips-fcip-slp-10.txt> as a Proposed Standard This document is the product of the IP Storage Working Group. The IESG contact persons are Allison Mankin and Magnus Westerlund. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ips-fcip-slp-10.txt
Technical Summary draft-ietf-ips-fcip-slp-09.txt describes the use of the Service Location Protocol Version 2 (SLPv2) to perform dynamic discovery of participating FCIP Entities. Implementation guidelines, service type templates, and security considerations are specified. FCIP is a pure FC encapsulation protocol that transports FC frames. As defined by the IPS WG, it interconnects Fibre Channel switches over TCP/IP networks. Working Group Summary The Working Group had consensus to advance this documents to Proposed Standard. The SLPv2 and discovery aspects were given review and discussion on the mailing list by Erik Guttman and James Kempf, and this was an active discussion. This document had a revision following IESG review which was concerned about the Security Considerations and some text originally present on NAT, which was viewed as needing to be in a more general document and as not providing significant guidance. Protocol Quality The documents were reviewed for the IESG by Erik Guttman, James Kempf, Thomas Narten and Allison Mankin. David Black addressed the issues of the security review. RFC Editor Notes ----- Section 4.2 NAT and NAPT Considerations - delete this entire section ----- Section 5.2 - remove the line: # snmp://192.0.2.0 ----- Section 6.1. Security Implementation - section is replaced by new text: OLD: 6.1. Security Implementation Security for SLPv2 in an IP storage environment is specified in [IPS- SEC]. IPsec SHOULD be implemented for SLPv2 as specified in [IPS-SEC]. This includes ESP with a non-null transform to provide both authentication and confidentiality. SLPv2 authentication is OPTIONAL to implement and use, and SLPv2 authentication SHOULD be implemented when IPsec is not supported. NEW: 6.1. Security Implementation Security for SLPv2 in an IP storage environment is specified in [RFC3723]. IPsec is mandatory-to-implement for IPS clients and servers. Thus, all IP storage clients, including those invoking SLP, can be assumed to support IPsec. SLP servers, however, cannot be assumed to implement IPsec, since there is no such requirement in standard SLP. In particular, SLP Directory Agents (DA) may be running on machines other than those running the IPS protocols. IPsec SHOULD be implemented for SLPv2 as specified in [RFC3723]; this includes ESP with a non-null transform to provide both authentication and confidentiality. Because the IP storage services have their own authentication capabilities when located, SLPv2 authentication is OPTIONAL to implement and use (as discussed in more detail in [RFC 3723]). Change the draft's normative reference [IPS-SEC] to [RFC 3723].