3.1.5.4 Receiving a FLOOD Message

Upon receiving a FLOOD message, a DRT node MUST perform the following steps:

1. Check whether the FLOOD message conforms to the syntax as specified in section 2.2.2.4 and drop the message if not. Otherwise, continue processing as follows. If the protocol is executing in confidential security mode, pass the message to the SecurityModule for decryption. If decryption fails, silently drop the message.

2. If the D flag is clear, reply with an ACK message to the sending node.

3. If a ROUTE_ENTRY is supplied in the FLOOD message, begin validating the ROUTE_ENTRY as specified in Receiving a New ROUTE_ENTRY.

4. If a Revoke CPA is supplied in the FLOOD message, validate the CPA as a Revoke CPA and, if not valid, discard.

5. Extract the CPA and pass it to the SecurityModule for verification and for calculation of the key. Remove the ROUTE_ENTRY (if any) for the key of the Revoke CPA from the cache.