Project

General

Profile

Task #4880

Add randomness to exponential retry on Nack in CertificateFetcherFromNetwork

Added by Ashlesh Gawande over 2 years ago. Updated 8 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Related issues

Related to ndn-cxx - Feature #4718: Use exponential retry on nack in CertificateFetcherFromNetworkClosedAshlesh Gawande

Actions
#1

Updated by Ashlesh Gawande over 2 years ago

  • Related to Feature #4718: Use exponential retry on nack in CertificateFetcherFromNetwork added
#2

Updated by Davide Pesavento over 2 years ago

For unrelated reasons, I was looking at ndns code the other day and I found this: https://github.com/named-data/ndns/blob/002bb42222b6d6ca17864e0965833b1fb4e31361/src/validator/certificate-fetcher-ndns-cert.cpp#L182

I believe we should centralize this mechanism of exponential retry + jitter for certificate fetchers, instead of reimplementing the same logic in every subclass. Ideally we should use SegmentFetcher, if that's not possible then the CertificateFetcher base class or some other utility class should provide this facility. It's pretty clear that it's relatively easy to get this logic wrong and reimplementing it everywhere is just asking for bugs.

#3

Updated by Junxiao Shi over 2 years ago

we should centralize this mechanism of exponential retry + jitter for certificate fetchers, instead of reimplementing the same logic in every subclass. Ideally we should use SegmentFetcher

Exponential retry applies not only to segmented object, but also to all other Interests. Thus, it belongs to DataFetcher type. SegmentFetcher can then use DataFetcher to retrieve individual segments.

#4

Updated by Davide Pesavento 8 months ago

  • Category set to Security

In today's call it was mentioned that the default interest timeout should be lowered as well.

Also available in: Atom PDF