- From: <spreitze@parc.xerox.com>
- Date: Fri, 19 Feb 1999 06:42:59 PST
- To: Harald Tveit Alvestrand <Harald@alvestrand.no>
- Cc: <spreitze@parc.xerox.com>, Chris Newman <chris@innosoft.com>, ietf-http-ng@w3.org
[CC list narrowwed to only the nominal list for this topic.] > ... I'd make the argument that any kind of data transfer without > receiver-given restraint is tantamount to a request for assisted suicide. I tend to agree. However, I've heard non-stupid people ask for the option to not do it. I don't remember their exact applications (if any were actually cited), but I'm willing to accept (on general principle!) that there may be applications where there simply is no need for the mux layer to apply receiver-given restraint. As for your specific worries about what might happen to such applications... > this leaves a wide-open door to denial-of-service attacks ... It would be possible for one direction of one channel to attack the same direction of another channel that's sharing the same underlying byte stream connection; that sameness of direction and underlying byte stream connection may imply some commonality of purpose in some applications, so that such attacks are not within the threat model. > and strange results from changed enviroments (streaming mode, for instance, > where it makes perfect sense to send 500 LIST requests without waiting > for the responses). Sorry, I don't get what you're trying to say here. Cheers, Mike
Received on Friday, 19 February 1999 09:43:27 UTC