ARGON
Check-in [397f1cf018]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:AURUM fees in MERCURY requests
Timelines: family | ancestors | trunk
Files: files | file ages | folders
SHA1:397f1cf01836959531a3328791379482afb58b1a
User & Date: alaric 2018-03-08 18:06:30
Context
2018-03-08
18:06
AURUM fees in MERCURY requests Leaf check-in: 397f1cf018 user: alaric tags: trunk
2018-01-31
23:15
Interesting paper on partial evaluation of interpreters check-in: cff8b86a04 user: alaric tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to intro/mercury.wiki.

290
291
292
293
294
295
296
297

298
299
300
301





302
303
304
305
306
307
308
<h3>Anti-Spam protection</h3>

Spamming is sending lots of unwanted requests via MERCURY, either to
try and get attention, to hog a public service, or to try and deny
service to others.

As such, alongside the usual access control lists on operations,
endpoints, and the entity as a whole, a HashCash cost may be

attached. Incoming messages that do not have a hashcash stamp showing
sufficient proof of work will be rejected, and the error message will
specify how much hashcash is required, before any other security
checking is performed.






<h2>Transit security</h2>

When a request is being sent to a remote entity on another node,
potentially in another cluster, or a response is being sent back, it
must be protected against eavesdropping and tampering by the untrusted
network. Both cases are considered as "a message" here.







|
>
|
|
|
<
>
>
>
>
>







290
291
292
293
294
295
296
297
298
299
300
301

302
303
304
305
306
307
308
309
310
311
312
313
<h3>Anti-Spam protection</h3>

Spamming is sending lots of unwanted requests via MERCURY, either to
try and get attention, to hog a public service, or to try and deny
service to others.

As such, alongside the usual access control lists on operations,
endpoints, and the entity as a whole, a
[http://hashcash.org/|HashCash] cost may be attached. Incoming
messages that do not have a hashcash stamp showing sufficient proof of
work will be rejected, and the error message will specify how much
hashcash is required, before any other security checking is

performed. Other forms of payment to use a service can also be
attached, but I need to finalise more details of [./aurum.wiki|AURUM]
to decide exactly how that'll work. Suffice to say, the same part of
the protocol header where hashcash stamps can be attached will also be
where other payment stamps can go.

<h2>Transit security</h2>

When a request is being sent to a remote entity on another node,
potentially in another cluster, or a response is being sent back, it
must be protected against eavesdropping and tampering by the untrusted
network. Both cases are considered as "a message" here.