Hi Dave,
I would like to raise again the question of the full cache flush for each stale cache
entry found.
This method can cause two unwanted situations:
1. Choosing an untrusted host: let's say, for example, that you have 1000 hosts in your pool.
You look at the first host in the cache and find that its attestation has expired. You
refresh the entire pool (there are 1000 hosts, so that must take some time). By the time
the last host was refreshed in the pool, the first host may already be expired again. But
since you already checked it, you keep on with your flow and select that host, even though it
has expired and may as well be untrusted.
2. Infinite loop: let's say we'll try to fix what I've described in 1. Then, we
need to check again if the host has expired before we select it. If it has, the entire
refresh process starts again. This could potentially go on forever (unless I'm missing
something, and the expiration is much longer than the full re-cache process).
Instead of re-caching the full cache we can do as follows:
- Hold the cache entries sorted by expiration (if the expiration time is the same for all
hosts, a queue is enough).
- Each time we need a new trusted host, select from the unexpired hosts and refresh all
expired hosts (in one query).
- If all hosts are expired, we can wait for the first host to be defined trusted by the
attestation server and select that host.
Ofri
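
The expiry-ordered cache proposed in the message above, as an added Python sketch; it is not part of the thread or of the oVirt patch set. The `attest` callback, the class and method names, and the fail-closed handling of hosts missing from a reply are assumptions.

```python
from collections import deque

class AttestationCache:
    """Expiry-ordered attestation cache; every entry shares one TTL, so a queue suffices."""

    def __init__(self, attest, ttl, clock):
        self.attest = attest   # assumed callback: attest([hosts]) -> {host: trusted_bool}
        self.ttl = ttl
        self.clock = clock     # monotonic time source (injected so it can be faked)
        self.fresh = deque()   # (expires_at, host, trusted), soonest expiry first
        self.stale = []        # hosts waiting for re-attestation

    def add_hosts(self, hosts):
        self.stale.extend(hosts)

    def refresh_stale(self):
        """Re-attest all stale hosts in ONE query; the rest of the cache is untouched."""
        if not self.stale:
            return
        hosts, self.stale = self.stale, []
        issued = self.clock()              # stamp before the query: conservative expiry
        results = self.attest(hosts)
        for host in hosts:                 # a host missing from the reply is untrusted
            self.fresh.append((issued + self.ttl, host, results.get(host) is True))

    def _expire(self):
        now = self.clock()
        while self.fresh and self.fresh[0][0] <= now:
            self.stale.append(self.fresh.popleft()[1])

    def select_trusted_host(self):
        """Return a host whose attestation is unexpired right now, or None."""
        self._expire()                     # expiry is checked at the moment of selection
        for _, host, trusted in self.fresh:
            if trusted:
                return host                # stale hosts wait for a background refresh_stale()
        self.refresh_stale()               # nothing usable: block on one batched query
        self._expire()                     # the query itself may have outlived the TTL
        return next((h for _, h, ok in self.fresh if ok), None)   # bounded: never loops

def demo():
    """Constructed sample: fake clock, three hosts, host-b fails attestation."""
    now = [0]
    def attest(hosts):
        now[0] += 1                        # each query costs one time unit
        return {h: h != "host-b" for h in hosts}
    cache = AttestationCache(attest, ttl=10, clock=lambda: now[0])
    cache.add_hosts(["host-a", "host-b", "host-c"])
    return cache.select_trusted_host()
```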
----- Original Message -----
From: "Wei D Chen" <wei.d.chen(a)intel.com>
To: engine-devel(a)ovirt.org
Sent: Friday, March 22, 2013 11:34:55 AM
Subject: [Engine-devel] Open Attestation integration with oVirt engine proposal has submitted patchset5 for your review
Hi all,
Before submitting this patch set, we have updated our design page, and
a new feature about VM templates has been added to this patchset. In
this patchset a lot of frontend changes have been imported.
You are welcome to review our patchset, and thanks in advance for your
suggestions.
Detailed description:
http://wiki.ovirt.org/Trusted_compute_pools
In this patch set, the following changes have been introduced:
1. GUI changes to support creating a trusted VM on a trusted
physical host.
2. View/Edit VM changes to enable the end user to switch between the three run
on options.
3. Template-relevant changes to support the end user creating a trusted VM
template and creating a trusted VM based on this template afterwards.
4. Bug fixing and code cleanup.
5. Wiki design page update.
Best Regards,
Dave Chen