Security extensions to SBP-2

PJohansson at PJohansson at
Tue Sep 16 16:52:57 PDT 1997

* From the T10 (formerly SCSI) Reflector (t10 at, posted by:
* PJohansson at
Document 97-245r0.pdf has been posted to the FTP site,

It contains a proposal for a new normative annex to SBP-2 for an (optional)
security model.

There will be discussion at the October 7 SBP-2 ad hoc meeting in Irvine, CA.

If you're familiar with the access and security model that has been in the
Mass Storage 1394 Device Profile, some observations are in order:

* The retry counter is gone. I'll argue that because the current model says
"...[it] is cleared upon power on reset, bus reset, and whenever a valid
logout occurs" that the counter is useless. If we meant to say something
else, let's discuss it in Irvine or on the reflector.

* The state diagram is gone. I discussed this with Mike and we agree that
*perhaps* the state diagram had little useful information or could be better
expressed in a table (e.g., what SBP-2 status to report in cases of error).
When I went to extract information I couldn't find any error conditions other
than "Access denied" and I didn't think it merited a table. If something of
value has been lost, let's discuss the best way to present the information in
a subsequent revision of the proposal.

* I think the model is generic for both read-only devices and those with
read/write medium. However, the working group should thoroughly discuss this
in Irvine.

The proposal is just that: a first draft. The intent is to seek agreement
that this is the right *place* to document it and then to verify the details.


Peter Johansson

* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at

More information about the T10 mailing list