
    Re: iSCSI: Text request/response spanning - security issue?



    On Fri, 29 Mar 2002, Paul Koning wrote:
    
    > I would argue that an implementation can, and should, have its own
    > protective limits no matter what the standard may have to say about
    > it.  If a well-crafted sequence of messages crashes an implementation,
    > the blame goes to the implementation, not to the standard.
    >
    > But I do agree that the standard needs to say more.  Given that
    > resources and needs may vary, it seems overly restrictive to place a
    > hard upper bound on the overall size.  What I would propose instead is
    > that the standard specify an overall size that all implementations
    > MUST support.  Larger sizes may be accepted if the implementation has
    > the needed memory -- which allows implementations that have special
    > requirements to deal with that within the standard -- but a conforming
    > implementation would be entitled to reject such large negotiations.
    >
    > One question: are we concerned here with an individual "key=value" or
    > with all of the key=value pairs in the text messages taken together?
    > I can see reasons to worry about the entire set of key=value pairs, so
    > having a size bound (as in "everyone MUST support at least this much")
    > on that would take care of the entire question in one step.
    
    Why don't we negotiate a size? We have a default max size for individual
    key=value items, and a max for the entire set. Either the target or the
    initiator can try to negotiate it up, but has to deal with the other side
    saying no. You can't negotiate it below the default max that we decide on.
    
    The main thing about making it a negotiated value is both sides can know
    what the other can do. We won't get surprise errors as we tripped over an
    undisclosed limit one side had.
    
    Take care,
    
    Bill
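
Added example, not part of the message above or of any iSCSI draft: a minimal sketch of the proposal, with a negotiated per-item and overall limit that never drops below a default, enforced while key=value text arrives across several messages. The limit values, the `negotiate` and `TextAccumulator` names, and the choice to count item length without its NUL terminator are assumptions made for illustration.

```python
# Added illustration; the limits and names are assumptions, not iSCSI-defined.
DEFAULT_MAX_ITEM = 255      # assumed default max bytes for one key=value item
DEFAULT_MAX_TOTAL = 4096    # assumed default max bytes for the entire set


class LimitExceeded(Exception):
    """Raised when the peer sends more text than the agreed limits allow."""


def negotiate(proposed, local_ceiling, default):
    """Responder's answer to a limit proposed by the peer.

    The peer may ask for more than the default; the responder may say no by
    answering with less, but the result never goes below the default.
    """
    return max(default, min(proposed, local_ceiling))


class TextAccumulator:
    """Collects key=value text spanning several messages, within limits."""

    def __init__(self, max_item=DEFAULT_MAX_ITEM, max_total=DEFAULT_MAX_TOTAL):
        self.max_item, self.max_total = max_item, max_total
        self.total = 0          # bytes received so far, terminators included
        self.partial = b""      # item bytes not yet NUL-terminated
        self.pairs = {}

    def feed(self, segment):
        # Check the overall bound before buffering anything from this segment.
        self.total += len(segment)
        if self.total > self.max_total:
            raise LimitExceeded("total text exceeds %d bytes" % self.max_total)
        *complete, self.partial = (self.partial + segment).split(b"\x00")
        # The unterminated tail is bounded too, so it cannot grow unchecked.
        for item in complete + [self.partial]:
            if len(item) > self.max_item:
                raise LimitExceeded("item exceeds %d bytes" % self.max_item)
        for item in complete:
            key, sep, value = item.partition(b"=")
            if item and not sep:
                raise ValueError("item without '=': %r" % item[:32])
            if item:
                self.pairs[key] = value
        return self.pairs
```

Both sides would run `negotiate` once per limit and construct the accumulator from the agreed values, so a rejection is an expected protocol outcome rather than a surprise error.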
    
    


Last updated: Fri Mar 29 15:18:13 2002