From: cme@ellisun.sw.stratus.com (Carl Ellison)
To: cypherpunks@toad.com
Message Hash: 17c254804b088540530fd9f5f441636c304825a14050f2dc716b38ae9bcbdd62
Message ID: <9309031826.AA09137@ellisun.sw.stratus.com>
Reply To: N/A
UTC Datetime: 1993-09-03 18:30:34 UTC
Raw Date: Fri, 3 Sep 93 11:30:34 PDT
From: cme@ellisun.sw.stratus.com (Carl Ellison)
Date: Fri, 3 Sep 93 11:30:34 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer Reliability
Message-ID: <9309031826.AA09137@ellisun.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain
If you want reliability, you can take a page from the fault tolerance
business. Replicate the remailers. (There are many papers on this topic.
See, for example, ISIS from Cornell and Manetho from Rice.)
Example:
I send to r1 and r2.
Each of r1 and r2 sends to r3 and r4.
r3 and r4 each take the first message to arrive and drop the second.
at the end of the chain, you have rm and rn.
rm and rn each get the message (drop the second) and then decide between
them who gets to post it. The one who gets to, does and tells the other
that it's all done -- at which time the other drops its copy.
Death detection is by time-out (but only rn and rm need to delay operation
until the time-out -- to prevent multiple postings from a split-brain
network.)
Expensive (4x the message traffic) -- but fault tolerant.
- Carl
Return to September 1993
Return to “Karl Lui Barrus <klbarrus@owlnet.rice.edu>”