openstack team mailing list archive

[Doug Hellmann <doug.hellmann@xxxxxxxxxxxxx>]

On Tue, May 22, 2012 at 1:25 PM, Nick Barcet <nick.barcet@xxxxxxxxxxxxx>wrote:

> On 05/22/2012 03:26 PM, Doug Hellmann wrote:
> >     -> In addition to a signature, I think we would need a sequence
> number
> >     to be embedded by the agent for each message sent, so that loss of
> >     messages, or forgery of messages, can be detected by the collector
> and
> >     further audit process.
> >
> >
> > OK. We have a message id, but I assumed those would be used to eliminate
> > duplicates so this sounds like something different or new. It implies
> > that the agent knows its own id (not hard) and keeps up with a sequence
> > counter (more difficult, though not impossible). Did you have something
> > in mind for how to implement that?
>
> Actually, this was my intent in the original blueprint when I specified
> the "message_id" field then a couple lines bellow: "a process may verify
> that messages were not lost".  On the implementation side, I was
> thinking that each agent would maintain its own sequence count, as a
> global instance count would be pricier.  In my mind, non repudiation was
> built from the message_signature + message_id which should be unique for
> each agent.
>

OK. That brings a couple of more specific questions to mind:

Does the agent save its sequence counter through a restart? How and where?
What about an upgrade?

What would the down-stream consumer of the data do if it discovered there
was a missing event? Who should do that detection work?


>
> Nick
>
>