diff options
author | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-07-20 15:00:10 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-07-20 15:00:58 +0200 |
commit | 9939d41f37ff2b1b246eb62c7c54393f1be3e18e (patch) | |
tree | acc4d7698ad9eba7a8b2852d2d356d5deba3a1f8 | |
parent | bf2fe5fec86d91d10d8ac1cb93de9c428f7add56 (diff) |
add replace domain hint with rate limit proposal
-rw-r--r-- | doc/proposals/2022-07-replace-domain-hint-with-rate-limit | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/doc/proposals/2022-07-replace-domain-hint-with-rate-limit b/doc/proposals/2022-07-replace-domain-hint-with-rate-limit new file mode 100644 index 0000000..c1570c9 --- /dev/null +++ b/doc/proposals/2022-07-replace-domain-hint-with-rate-limit @@ -0,0 +1,33 @@ +# Proposal + +Replace the "domain_hint" key in the input to the add-leaf endpoint with +"rate-limit". The value associated with the "rate-limit" key is on the format: + + method:data + +where the defined methods are: + + - dns: the exact same semantics as today's domain hint + - token: a shared secret that is negotiated between submitter and the log + operator out-of-band + +Example of a rate-limit line using DNS: + + rate_limit=dns:_sigsum_v0.example.org + +Example of a rate-limit line using token: + + rate_limit=token:xxxxxxxxxxxxxxxxxxxxxx + +The "rate_limt" key must not be repeated. + +The "rate_limit" key may be omitted. It is then up to the log server to accept +or reject the user's requests. + +# Motivation + +There are more ways to establish something to rate-limit on than domain hints. +The name "domain_hint" is also not descrptive; it makes understanding harder. + +It is also plausible that a log operator wants to run without a rate limit in +some environments. The above change permits this as well. |