<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On Feb 1, 2008, at 11:57 AM, Matthew Toseland wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Courier; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0; "><blockquote type="cite">I'm not familiar enough with the details of the proposed ULPRs and how<br></blockquote><blockquote type="cite">USKs and Frost and the like check for new updates / messages, but it<br></blockquote><blockquote type="cite">seems possible that simple legitimate checks for new content would<br></blockquote><blockquote type="cite">have a similar effect. Of course, failure tables would help a lot<br></blockquote><blockquote type="cite">with that case, but they wouldn't help against a malicious attacker.<br></blockquote><br>Could ULPRs help to resolve it? Would it be possible to estimate the demand<span class="Apple-converted-space"> </span><br>for a key (in a way which doesn't favour single nodes that constantly<span class="Apple-converted-space"> </span><br>rerequest, and is biased by links so that an attacker could only attack<span class="Apple-converted-space"> </span><br>proportionately to the number of connections he has), in order to decide<span class="Apple-converted-space"> </span><br>which requests to let through?</span></blockquote></div><br><div>I guess you could add to the failure table which distinct links have requested a given key, and be more likely to let those through with more links (once the failure is timed out). It doesn't seem very granular, as I would suppose (in a small world network) that a re-request from a non-peer node would be very likely to show up on a different connection.</div><div><br class="webkit-block-placeholder"></div><div>--</div><div>Robert Hailey</div><div><br class="webkit-block-placeholder"></div></body></html>