NFD

Include forwarding hint as part of PIT index.

Necessity
Forwarding with forwarding hint leads to concerns about denial-of-service with malicious forwarding hints.
For example, Mallory may express Interests at a high rate for popular contents with Link [{10,ndn:/mallory}], and setup a producer at ndn:/mallory network to return fake Data. After Mallory's Interest is forwarded, other Interests requesting same contents with no or different forwarding hints would be aggregated into the PIT entry created by Mallory's Interest, and they won't be able to receive legit Data.

Solution
The PIT should be logically partitioned according to the forwarding hint.
By including the forwarding hint as part of PIT index, Mallory's Interest would have a different PIT entry than other Interests with same name and Selectors. This solution eliminates this type of denial-of-service, because Interests with different forwarding hints are forwarded separately and not aggregated, so that Mallory's Interest cannot affect Interests without Mallory's forwarding hint.

This issue includes:

• PIT entry: forwarding hint getter
• PIT index: include forwarding hint as part of index
• PIT lookup: perform exact match on Name+Selectors+ForwardingHint
• PIT match Data: incoming Data can match a PIT entry only if incoming face has an out-record;
  special case: if PIT Interest name ends with an implicit digest, any Data that satisfies the implicit digest can match it

NFD Developer Guide should be updated as part of this issue.