aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@mullvad.net>2022-07-20 15:00:10 +0200
committerRasmus Dahlberg <rasmus@mullvad.net>2022-07-20 15:00:58 +0200
commit9939d41f37ff2b1b246eb62c7c54393f1be3e18e (patch)
treeacc4d7698ad9eba7a8b2852d2d356d5deba3a1f8
parentbf2fe5fec86d91d10d8ac1cb93de9c428f7add56 (diff)
add replace domain hint with rate limit proposal
-rw-r--r--doc/proposals/2022-07-replace-domain-hint-with-rate-limit33
1 files changed, 33 insertions, 0 deletions
diff --git a/doc/proposals/2022-07-replace-domain-hint-with-rate-limit b/doc/proposals/2022-07-replace-domain-hint-with-rate-limit
new file mode 100644
index 0000000..c1570c9
--- /dev/null
+++ b/doc/proposals/2022-07-replace-domain-hint-with-rate-limit
@@ -0,0 +1,33 @@
+# Proposal
+
+Replace the "domain_hint" key in the input to the add-leaf endpoint with
+"rate-limit". The value associated with the "rate-limit" key is on the format:
+
+ method:data
+
+where the defined methods are:
+
+ - dns: the exact same semantics as today's domain hint
+ - token: a shared secret that is negotiated between submitter and the log
+ operator out-of-band
+
+Example of a rate-limit line using DNS:
+
+ rate_limit=dns:_sigsum_v0.example.org
+
+Example of a rate-limit line using token:
+
+ rate_limit=token:xxxxxxxxxxxxxxxxxxxxxx
+
+The "rate_limt" key must not be repeated.
+
+The "rate_limit" key may be omitted. It is then up to the log server to accept
+or reject the user's requests.
+
+# Motivation
+
+There are more ways to establish something to rate-limit on than domain hints.
+The name "domain_hint" is also not descrptive; it makes understanding harder.
+
+It is also plausible that a log operator wants to run without a rate limit in
+some environments. The above change permits this as well.