Re: [marf] Requested Report Interval: stateless cache-driven exponential decrease

Tue, 12 Jul 2011 03:57:27 -0700 

On 11/Jul/11 22:11, John Levine wrote:
>>> On diagnosing a failure, the agent generates a random number R in the
>>> interval [0, 1] (or sets R=0.5).  It then computes a value P using numeric
>>> values from the retrieved RR and a formula to be specified in
>>> authfailure-report.  If P >= R, then the agent generates and sends the
>>> report, otherwise does nothing.
> 
> Standards only work when it is mutually beneficial to both parties to
> implement them.  What is the benefit to the reporting party of
> implementing this complex mess?

Complex mess?!?  It can be done by a 40-line C function that I attach
untested.  The benefit is the simplicity of being stateless while
still not requiring to report each and every failure.

The alternative needs a semaphore to synchronize access to global
store.  Then, what kind of global store?  Plain files like
/tmp/reports-example.com?  MySQL?  BerkeleyDB?  Note that a similarly
structured storage may already exist, e.g. maintained by the local
identity assessor, but sharing it with the verifier would add even
more complexity.

> If there's any rate limiting at all, keep it to something easy to
> implement, like a maximum number of reports per hour.

Yes, such limit makes much sense, either as a global maximum or as a
per-domain one.  Shouldn't it be set by the reporter, though?  In such
case it could be enforced /after/ any self-imposed "complex mess"
limit, e.g. on sending, where access to locally maintained databases
might be easier.

#include <stdlib.h>
#include <math.h>

int self_limit(char *ri, unsigned long ttl)
/*
assume ri points to the value of the ri= parameter, if any, and
that the parameter should be formatted like "86400p2s100d" in any
order (p, s, d stand for for Period, Slope or Sharpness, Divisor)
*/
{
        unsigned long p = 0, s = 0, d = 0;
        double f = 1.0;

        while (ri && *ri)
        {
                char *t;
                unsigned long l = strtoul(ri, &t, 10);
                switch (*t)
                {
                        case 'd': d = l; break;
                        case 'p': p = l; break;
                        case 's': s = l; break;
                        default:
                                return 0; // invalid ri, don't send
                }
                ri = t + 1;
        }

        if (s && p && ttl)  // Gaussian cutoff
        {
                double x = (double)s * (1.0 - (double)ttl/(double)p);
                if (fabs(x) >= 1.0)
                        return 0; // don't send

                f = M_E * exp(-1.0/(1.0 - x*x));
        }

        if (d) // linear cutoff
                f /= (double)d;

        return f * (double)RAND_MAX <= rand();
}

_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf

Reply via email to