RE: Problem with use of NotUnderstood in negotiations

[Paul Koning <ni1d@arrl.net>]

>>>>> "Martins" == Martins Krikis <mkrikis@yahoo.com> writes:

 Martins> --- Julian Satran <Julian_Satran@il.ibm.com> wrote:
 >> I am afraid you have to remember any key received just to avoid a
 >> rough initiator/target knowingly send noise.  You may also want to
 >> terminate a session with too many "NotUnderstood".

 Martins> What I don't understand, however, is why I should try to
 Martins> remember the keys that I don't understand.  What can
 Martins> possibly be gained from this? If the other party is dumb
 Martins> enough to send me a key that I don't understand twice, I
 Martins> don't mind noticing the problem only after a timeout or a
 Martins> negotiation round limit reached. And if the other side is
 Martins> simply just DoS-ing me, it can do it whether I am
 Martins> remembering unknown keys or not. 

Agreed.

It is quite unreasonable to require a pile of extra overhead that ONLY
does anything if the other side is actively malicious.  Robustness in
the presence of Byzantine failure was never in the iSCSI requirements,
nor as far as I know is it in the requirements of ANY IETF protocol.

    paul