RE: Problem with use of NotUnderstood in negotiations
--- Julian Satran <Julian_Satran@il.ibm.com> wrote:
> I am afraid you have to remember any key received
> just to avoid a rough
> initiator/target knowingly send noise.
> You may also want to terminate a session with too
> many "NotUnderstood".

Alright, so I understood everything so far and do
realize that checking values for keys I don't
understand may let me notice a protocol error
quicker than by just returning NotUnderstood.

I also think that the likelihood of this
problem occurring is so low that letting both sides
bounce back and forth the OGMarker=NotUnderstood
until they time out or reach negotiation round
limits would be acceptable.

What I don't understand, however, is why I should
try to remember the keys that I don't understand.
What can possibly be gained from this? If the
other party is dumb enough to send me a key that
I don't understand twice, I don't mind noticing
the problem only after a timeout or a negotiation
round limit reached. And if the other side is
simply just DoS-ing me, it can do it whether I am
remembering unknown keys or not. That possibility
was always in the protocol and there are no
good ways to guard against it. That's why a good
overall timeout or a limit on negotiation rounds
is needed.

Martins Krikis, Intel Corp.
Disclaimer: these opinions are mine and may not
be those of my employer
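
The two safeguards discussed in this exchange (a negotiation round limit plus a cap on NotUnderstood replies, and optionally remembering unknown keys), sketched as an added example that is not part of either message or of any iSCSI implementation. The class and function names, the KNOWN_KEYS set and both limits are assumptions chosen for illustration.

```python
# Added example: receiver-side handling of text-negotiation keys.
# KNOWN_KEYS, MAX_ROUNDS and MAX_NOT_UNDERSTOOD are assumed values, not from the thread.
KNOWN_KEYS = {"HeaderDigest", "DataDigest", "MaxConnections"}
MAX_ROUNDS = 8
MAX_NOT_UNDERSTOOD = 16


class NegotiationAborted(Exception):
    """Raised when the peer exceeds a limit and the session should be dropped."""


class Negotiator:
    def __init__(self, remember_unknown=False):
        self.remember_unknown = remember_unknown
        self.seen_unknown = set()  # never grows past MAX_NOT_UNDERSTOOD entries
        self.rounds = 0
        self.not_understood = 0

    def handle_round(self, pairs):
        """Process one request's (key, value) pairs and return the reply pairs."""
        self.rounds += 1
        if self.rounds > MAX_ROUNDS:
            raise NegotiationAborted("negotiation round limit reached")
        reply = []
        for key, value in pairs:
            if key in KNOWN_KEYS:
                reply.append((key, value))  # placeholder: real code selects a value per key
                continue
            if self.remember_unknown and key in self.seen_unknown:
                raise NegotiationAborted(f"unknown key {key!r} sent twice")
            self.not_understood += 1
            if self.not_understood > MAX_NOT_UNDERSTOOD:
                raise NegotiationAborted("too many NotUnderstood replies")
            if self.remember_unknown:
                self.seen_unknown.add(key)
            reply.append((key, "NotUnderstood"))
        return reply


def rounds_until_abort(negotiator, pairs):
    """Feed the same request repeatedly and return the round at which it aborts."""
    while True:
        try:
            negotiator.handle_round(pairs)
        except NegotiationAborted:
            return negotiator.rounds
```

With the constructed input `[("OGMarker", "NotUnderstood")]` sent every round, the remembering receiver aborts on round 2 and the non-remembering one on round 9; a single request carrying 17 distinct unknown keys is dropped in round 1 by the cap in both modes.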
Last updated: Tue Aug 13 10:18:55 2002