[cap-talk] controversial article

[Ben Laurie]

On Sat, Jul 4, 2009 at 12:05 AM, Mark Miller<erights at gmail.com> wrote:
> On Fri, Jul 3, 2009 at 11:01 AM, Ben Laurie <benl at google.com> wrote:
>>
>> On Thu, Jul 2, 2009 at 6:59 PM, Mark Miller<erights at gmail.com> wrote:
>> > Distributed defensive correctness over unreliable networks is, almost by
>> > definition of "unreliable", impossible.
>>
>> I'm curious about this.
>>
>> The only thing we have is unreliable networks.
>>
>> Are you suggesting, therefore, that distributed defensive correctness
>> is impossible?
>
> Practically, yes. Unreliable means that there's no hard guarantee of
> service. Crypto turns unreliable into fail-stop. Redundant paths can reduce
> the frequency of failures. Reputation feedback, SLAs, and bounties can
> incent various parties to reduce this frequency as well. How would you go
> beyond this?

By the definition I saw somewhere in this thread, the fact that there
is no hard guarantee of service seems orthogonal - what you are after
is that an attacker can't deny service, which seems quite different to
me (i.e. if the attacker cannot alter the reliability of the network
then, indeed, there is a chance service will not be delivered, but it
was not caused by the attacker).

Even if an attacker can alter reliability, they still can't _deny_
service, just slow it down.

That is, intuitively, the expected time a service takes to deliver has
a component that is governed by the reliability of the network.
Decreasing reliability increases expected time, but not to infinity.

So, to make this real-world, should we instead talk about expected
delivery times? Denial of service would be increasing the expected
delivery time to infinity. Anything else would not be denial of
service.


>
>
> --
> Text by me above is hereby placed in the public domain
>
>    Cheers,
>    --MarkM
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>
>