Re: 'monotonic increasing'

[Joe Touch <touch@ISI.EDU>]

Tom.Petch wrote:
> The phrase 'monotonic increasing' seems to be a Humpty-Dumpty one, used with a
> different sense within RFC to that which I see defined elsewhere; and this
> could lead to a reduction in security.
> 
> Elsewhere - dictionaries, encyclopaedia, text books -  I see it
> defined so that when applied to a sequence of numbers, then each number is not
> less than its predecessor, so that
> 1 1 1 1 1 1 1 1 1 1
> 1 1 2 3 5 8 13
> 1 2.71828 3.14159 4.18 42
> are all monotonic increasing sequences whereas
> 1 2 3 4 5 6 7 9 8 10
> is not.

There are two variants:

	monotonic increasing
		sequence where (i+1)>=(i)
		which applies to all of the above

		in math, monotonic always includes equality

	strictly monotonic increasing
		sequence where (i+1)>(i)
		which applies to all except the first two examples

		this is also known as "non decreasing", as Ken noted

a constant sequence is one which is both monotonic increasing and
monotonic decreasing.

> Within RFC, mostly those related to security or network management, the context
> of its use implies, in addition, one or more of
> a) each number in the sequence is different (as in number used once)
> b) each number is an integer
> c) each number is one greater than its predecessor (as in message sequencing) .

RFCs tend to describe integer sequences (vs. real or other kinds of
numbers). Most of the uses I'm familiar with for sequence numbers in
RFCs don't care if numbers are skipped, so I'm not sure this definition
is typical. (can you give an example if not?)

The above is an arithmetic integer sequence (constant delta between
terms) that is strictly monotonic increasing and maximally compact.
Informally, this might be referred to as a "sequential", but
mathematically a sequence is just an ordered list of numbers.

If (c) is changed to omit "one", this defines is monotonic increasing
integer sequence.

If (c) is changed to "at least one", this defines a strictly monotonic
integer sequence.

> Most likely, an implementation that conforms to the rest of the world definition
> would interwork with one that conforms to the RFC one, but with some loss of
> security, since numbers that are intended to be used only once could be reused.
> 
> Q1) Can anyone point me to an authoritative source that endorses the RFC usage?
> 
> Q2) Even so, since the  rest of the world usage seems to be so widely defined,
> should we change our terminology, eg specifying seqences to be strictly
> increasing when that is what is needed?

I would agree with Q2.

Joe

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf