separate general requirement from specific NVMe/TCP requirement

From David Black

diff --git a/scsi_nvme_middle.xml b/scsi_nvme_middle.xml
index 82b9fc78d72072522f624c2ca7ab1dcb58576a7a..f140bcf431f44ed1e28ef29f206b9c77b30d3dc0 100644 (file)
--- a/scsi_nvme_middle.xml
+++ b/scsi_nvme_middle.xml
@@ -249,10 +249,14 @@
   <t>
     It is the responsibility of those administering and deploying
     pNFS with an NVMe layout to ensure that appropriate protection is
-    deployed to that protocol. When using IP-based storage protocols
-    such as NVMe on TCP, TLS <xref target="RFC8446" /> SHOULD be used
-    as outlined in <xref target="NVME-TCP" /> to protect traffic between
-    pNFS clients and NVMe storage devices.
+    deployed to that protocol.
+    When using IP-based storage protocols such as NVMe over TCP, data
+    confidentiality and integrity SHOULD be provided for traffic between
+    pNFS clients and NVMe storage devices by using a secure communication
+    protocol such as TLS  <xref target="RFC8446" />.  For NVMe over TCP,
+    TLS SHOULD be used as described in <xref target="NVME-TCP" /> to
+    protect traffic between pNFS clients and NVMe namespaces used as
+    storage devices.
   </t>
   <t>
     Physical security is a common means for protocols not based on IP.