Recently the author team we discussed how to handle remove
"permanence" (i.e., preventing subsequent stores), the general sense
was that Removes should have a similar lifetime to a Store, i.e., that
the object should be protected for as long as the store would have
been.
When I went to make this mod, it occurred to me that there was a far
simpler way to do it: a store of a "nonexistent" value. We already
have a way to represent that a data value doesn't exist:
struct {
Boolean exists;
opaque value<0..2^32-1>;
} DataValue;
So, all that has to happen to effectively remove a value is that
the owning node does a Store of a value with exists = false.
This will get automatically propagated, replicated, etc. and
there is no need for a separate Remove method at all. Note that
Remove already acts like this in some ways anyway, since deletes
in Arrays and Dictionaries insert (unsigned) nonexists.
One point that Cullen raised was whether you might want
to have separate permissions for Remove and this method,
but I think you can still do that, since Store of Empty
is clearly a distinct operation. That said, if you allow
overwrites of existing stores with any value, then it's not
clear how truncation and "remove" have different access control
permissions.
This approach seems a lot cleaner and I wanted to get WG opinion
on it.
Thanks,
-Ekr
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
