Tom.Petch wrote: > The phrase 'monotonic increasing' seems to be a Humpty-Dumpty one, used with a > different sense within RFC to that which I see defined elsewhere; and this > could lead to a reduction in security. > > Elsewhere - dictionaries, encyclopaedia, text books - I see it > defined so that when applied to a sequence of numbers, then each number is not > less than its predecessor, so that > 1 1 1 1 1 1 1 1 1 1 > 1 1 2 3 5 8 13 > 1 2.71828 3.14159 4.18 42 > are all monotonic increasing sequences whereas > 1 2 3 4 5 6 7 9 8 10 > is not. There are two variants: monotonic increasing sequence where (i+1)>=(i) which applies to all of the above in math, monotonic always includes equality strictly monotonic increasing sequence where (i+1)>(i) which applies to all except the first two examples this is also known as "non decreasing", as Ken noted a constant sequence is one which is both monotonic increasing and monotonic decreasing. > Within RFC, mostly those related to security or network management, the context > of its use implies, in addition, one or more of > a) each number in the sequence is different (as in number used once) > b) each number is an integer > c) each number is one greater than its predecessor (as in message sequencing) . RFCs tend to describe integer sequences (vs. real or other kinds of numbers). Most of the uses I'm familiar with for sequence numbers in RFCs don't care if numbers are skipped, so I'm not sure this definition is typical. (can you give an example if not?) The above is an arithmetic integer sequence (constant delta between terms) that is strictly monotonic increasing and maximally compact. Informally, this might be referred to as a "sequential", but mathematically a sequence is just an ordered list of numbers. If (c) is changed to omit "one", this defines is monotonic increasing integer sequence. If (c) is changed to "at least one", this defines a strictly monotonic integer sequence. > Most likely, an implementation that conforms to the rest of the world definition > would interwork with one that conforms to the RFC one, but with some loss of > security, since numbers that are intended to be used only once could be reused. > > Q1) Can anyone point me to an authoritative source that endorses the RFC usage? > > Q2) Even so, since the rest of the world usage seems to be so widely defined, > should we change our terminology, eg specifying seqences to be strictly > increasing when that is what is needed? I would agree with Q2. Joe
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf