|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RFC 2119 and iSCSI padding should be 0> However, according to RFC2119 the word MUST indicates that it is a > requirement of the specification. Correct. Also note that MUST is only to be used for things that are crucial for interoperability or required to prevent harm (see Section 6 of RFC 2119). > and therefore implies that the receiver will need to check the value. Incorrect. This is at odds with the usual IETF dictum that one should be conservative in what is sent but liberal in what is accepted. It is ok to say "MUST be sent as zero" and "MUST not be checked by the receiver" (e.g., for reserved bits that may be used for something in the future). In this case, because the value of the pad bytes should not have any future use, "SHOULD be zero" is adequate. The security risks of sending non-zero bytes (where did they come from?, do they disclose sensitive information?) would need to be described either here or in the Security Considerations section. Inadvertent disclosure of information is the "minor security risk" and since it's a possible cause of harm, it justifies saying "SHOULD be zero". > If it MUST be zero and is not, then that > would indicate a protocol error. Correct, but that may only be of interest to a protocol test suite or the like. IMHO, protocol testers should report events that violate "SHOULD" statements in the standard. Also, let me warn everyone that upper vs. lower case matters. RFC-2119 definitions only apply when UPPER case is used, so "MUST" and "must" do not have the same meaning in an RFC (ditto "SHOULD" and "should", etc.). Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 435-1000 x75140 FAX: +1 (508) 497-8500 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Tue Sep 04 01:04:10 2001 6315 messages in chronological order |