On Thu, 11 May 2000, Lee Daniel Crocker wrote: > > Under your proposal what would stop a malicious node from sending > > updates as quickly as possible to flood the network? > > That's not an issue with SVKs: remember that they are, by their > very nature, cryptographically signed. That means it's not possible > to "flood update" someone else's document since servers will just > discard invalid signatures, and if someone wants to flood his own > documents, nodes may choose to just ignore the nym. That won't > prevent a one-time DoS, but then nothing will anyway.
But it is still a problem, IMO, because it allows you to use a node as an agent to send a large number of messages based on very little work by you. Ian has not said exactly how many messages he expects each node to produce, but it has to be large. So by sending one message one can make a node send 100. That makes the life of DoS flooder a lot nicer. Now Ian will probably note that allowing follow-throughts completely would allow a DoS flooder to attack the "epi-center" node of a certain piece of data - which is true, and one of the reasons I why I decided to move away from a user choice follow-through to a slip-through based on something like an LM factor. > I do have a suggestion, though: to truly prevent any possible > "explosion" effect, the "fireworks" sent from each node on the > update path where the document was found should have an HTL of 1, > or just possibly 2, and nodes must not further distribute any > received update message with an HTL of 2 or below. In other > words, only flare from the main branch, so it's not so much a > broadcast, or even a deep probe, so much as a "thick" probe. I still think the difference of such an action would be very small. > -- > Lee Daniel Crocker <lee at piclab.com> <http://www.piclab.com/lee/> > "All inventions or works of authorship original to me, herein and past, > are placed irrevocably in the public domain, and may be used or modified > for any purpose, without permission, attribution, or notification."--LDC > > > _______________________________________________ > Freenet-dev mailing list > Freenet-dev at lists.sourceforge.net > http://lists.sourceforge.net/mailman/listinfo/freenet-dev -- Oskar Sandberg md98-osa at nada.kth.se #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
