If so, doesn't this allow for a really easy DoS attack? Wouldn't a malicious node only have to use a small portion of bandwidth to exceed his allocation and halt queries for everyone else?
Yes, but DoS attacks are already easy, so adding a new way to do them does't really make anything worse.
Or would you instead use a negative trust system? If so, continue that part of the discussion in 'Can "negative trust" work?'.
We could, see my response to the whole negative trust argument..
Yet another possibility is to not use a per-node quota system, but instead use a public quota system. A node tells everyone "I'll be able to handle up to x queries FROM EVERYONE IN TOTAL for the next y seconds" and then strictly enforces that statement. (It may be best if the node chose x to be a bit higher than he really expects to be able to handle. That way, he doesn't risk his node being under-utilized if it turns out he has more capacity than expected.)
The public quota system avoids making it so much easier for a malicious node to force us to QR. Also, we retain benefit of having made our QR:s more informative, since querying nodes know that if they receive one QR during the time period, it will be pointless to send any more queries until the y seconds are over.
We may as well forget about quotas and just tell them how long to back-off for in the QR itself, or... ok, see my next email.
Ian.
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
