Feature #3162
Updated by Junxiao Shi over 6 years ago
Include forwarding hint Link object as part of PIT index. **Necessity** Forwarding with forwarding hint Link leads to concerns about denial-of-service with malicious forwarding hints. Link objects. For example, Mallory Eve may express Interests at a high rate for popular contents with Link [{10,ndn:/mallory}], [{10,ndn:/eve2}], and setup a producer at ndn:/mallory ndn:/eve2 network to return fake Data. After Mallory's Eve's Interest is forwarded, other Interests requesting same contents with no or different forwarding hints Link objects would be aggregated into the PIT entry created by Mallory's Eve's Interest, and they won't be able to receive legit Data. **Solution** The PIT Interest Table should be logically partitioned according to the forwarding hint. Link object. By including the forwarding hint Link object as part of PIT index, Mallory's Eve's Interest would have a different PIT entry than other Interests with same name Name and Selectors. This solution eliminates this type of denial-of-service, because Interests with different forwarding hints Link objects are forwarded separately and not aggregated, so that Mallory's Eve's Interest cannot affect Interests without Mallory's forwarding hint. Eve's Link object. This issue includes: * PIT entry: forwarding hint Link object getter * PIT index: include forwarding hint Link object as part of index * PIT lookup: perform exact match on Name+Selectors+ForwardingHint Name+Selectors+Link * PIT match Data: incoming Data can match a PIT entry only if incoming face has an out-record; special case: if PIT Interest name Name ends with an implicit digest, any Data that satisfies the implicit digest can match it NFD Developer Guide should be updated as part of this issue.