RFC 2119 and iSCSI padding should be 0

[Black_David@emc.com]

> However, according to RFC2119 the word MUST indicates that it is a
> requirement of the specification.

Correct.  Also note that MUST is only to be used for things that
are crucial for interoperability or required to prevent harm
(see Section 6 of RFC 2119).

> and therefore implies that the receiver will need to check the value.

Incorrect.  This is at odds with the usual IETF dictum
that one should be conservative in what is sent but liberal
in what is accepted.  It is ok to say "MUST be sent as zero"
and "MUST not be checked by the receiver" (e.g., for reserved
bits that may be used for something in the future).

In this case, because the value of the pad bytes should not have
any future use, "SHOULD be zero" is adequate.  The security risks
of sending non-zero bytes (where did they come from?, do they
disclose sensitive information?) would need to be described
either here or in the Security Considerations section.  Inadvertent
disclosure of information is the "minor security risk" and since
it's a possible cause of harm, it justifies saying "SHOULD be zero".

> If it MUST be zero and is not, then that
> would indicate a protocol error.

Correct, but that may only be of interest to a protocol test suite or
the like.  IMHO, protocol testers should report events that violate
"SHOULD" statements in the standard.

Also, let me warn everyone that upper vs. lower case matters.  RFC-2119
definitions only apply when UPPER case is used, so "MUST" and "must"
do not have the same meaning in an RFC (ditto "SHOULD" and "should", etc.).

Thanks,
--David

---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------