[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[freehaven-dev] I decided to sign document request broadcasts

Additionally, the broadcast document request can optionally be signed
by the servnet node performing the broadcast. This has a number of
ramifications. First of all, it introduces more complexity in the
problem described above, namely in trying to ensure that queries cannot
be selectively answered by a server attempting to gain trust without
serving documents to readers. On the other hand, it allows slightly more
accountability on the part of servers: this might be useful in the case
of denial of service flooding attacks, wherein an attacker might flood
a given node with document requests with the intent either of spamming
some helpless victim, or of saturating the bandwidth resources of the
server. In this circumstance a server might gain some defense by dropping
incoming requests that are not signed by a trusted peer server.