On Tue, May 22, 2012 at 1:25 PM, Nick Barcet <[email protected]>wrote:
> On 05/22/2012 03:26 PM, Doug Hellmann wrote: > > -> In addition to a signature, I think we would need a sequence > number > > to be embedded by the agent for each message sent, so that loss of > > messages, or forgery of messages, can be detected by the collector > and > > further audit process. > > > > > > OK. We have a message id, but I assumed those would be used to eliminate > > duplicates so this sounds like something different or new. It implies > > that the agent knows its own id (not hard) and keeps up with a sequence > > counter (more difficult, though not impossible). Did you have something > > in mind for how to implement that? > > Actually, this was my intent in the original blueprint when I specified > the "message_id" field then a couple lines bellow: "a process may verify > that messages were not lost". On the implementation side, I was > thinking that each agent would maintain its own sequence count, as a > global instance count would be pricier. In my mind, non repudiation was > built from the message_signature + message_id which should be unique for > each agent. > OK. That brings a couple of more specific questions to mind: Does the agent save its sequence counter through a restart? How and where? What about an upgrade? What would the down-stream consumer of the data do if it discovered there was a missing event? Who should do that detection work? > > Nick > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
