commit 5fb7da06ae51f21afe087d569c7d2a0c16d2ab88
parent 259bc266374fdab30431f3284edae85b9be23384
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Sun, 14 Jul 2024 09:00:34 +0200
remove bcp from security model discussion
Diffstat:
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/draft-schanzen-r5n.xml b/draft-schanzen-r5n.xml
@@ -189,7 +189,7 @@
sufficient number of direct connections with other honest
peers to achieve acceptable performance. As the number of
malicious peers and their connections increases, performance
- of the system <bcp14>SHOULD</bcp14> gracefully degrade, and
+ of the system should gracefully degrade, and
only collapse for peers that an adversary has fully isolated
from the benign network.
</t>
@@ -200,19 +200,19 @@
well as invalid routing path data if such routing meta-data
is present. While malicious nodes may make up arbitrary
key-value pairs and paths within the adversary's domain,
- invalid key-value pairs <bcp14>SHOULD</bcp14> ideally be
+ invalid key-value pairs are ideally
discarded at the first honest node, and path data
- <bcp14>MUST</bcp14> honestly state entry- and exit-points
+ honestly state entry- and exit-points
from the honest network into the subset of malicious nodes.
</t>
<t>
- Malicious nodes <bcp14>MAY</bcp14> attempt to exhaust the
+ Malicious nodes may attempt to exhaust the
storage capacity of honest nodes by distributing well-formed
(but possibly otherwise useless) application data. We assume
that storage space is relatively cheap compared to bandwidth
and that honest nodes also frequently re-publish the useful
data that they publish. As a result, an adversary
- <bcp14>MAY</bcp14> reduce the effectiveness and longevity of
+ may reduce the effectiveness and longevity of
data cached in the DHT, but is assumed to not be able to
effectively prevent publication and retrieval of application
data by honest nodes.
