[Ietf-not43] Re: Data mining v. poorly-framed queries [was

[Ted Hardie]

> 
> 
> I'd prefer this -- I always like deterministic behaviour :-) 
> But I think I agree with Andy in that it's not what will get 
> implemented, irrespective of what our requirements state.
> 
> So, two possibilities:
> 
> 	. as proposed below:  will servers in fact implement
> 	  sufficiently random deletions from the result set,
> 	  or will miners simply try to chain, anyway.
> 
> 	. as currently written in the requirements doc:  the service 
> 	  MUST fail silently when it has a query that generates too 
> 	  many hits.  Both legitimate clients and miners will have
> 	  to retry queries to confirm they got everything they
> 	  wanted...
> 
> At this point, it seems like we're trying to do behaviour modification
> on end-users via requirements for a service that will be implemented
> in some as-yet-to-be-decided protocol... that seems like too many
> layers of indirection for sanity.
> 
> Leslie.

Leslie,
	I'm not sure that we are trying to do behavior mod on the end
user; I think we're trying to do protocol design based on the abusive
cases rather than normal use.  Given the strong message we've received
that data mining is a problem, I think we do have to take it into
account, but not to the point where we seriously perturb the behavior
of the protocol.
	I advocate changing the current "silent failure" requirement.
I believe it hinders normal use, and does not stop abusive behavior.
I'd like to change it to something that supports normal use in an
interoperable and deterministic way.  I'm totally open to suggestions
as to what that might be, if the error message with omitted details
is not appropriate.
			regards,
					Ted Hardie