Isn't the real challenge around protecting the hub from spoofing? The way it is now it doesn't matter if someone fakes a ping to the hub as the hub will fetch the feed for itself and verify it. If you switch to fat pings you open yourself up to spoofing. You could add another form of authentication to deal with this, but it starts to get more complicated. Not to mention the challenge of getting data normalization right on the publishers end when one of our core guidelines is "keep the complexity at the hub"
On Jan 26, 10:22 pm, todd hoff <[email protected]> wrote: > My understanding is that there's a light ping from the publisher to > the hub. It would be convenient to use a fat ping here for the same > reason as a fat ping makes sense from the hub to the consumer. > Especially for low power devices the extra operations are a bit of a > drain.
