W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1998

Re: Drawbacks of persistent connections

From: Jim Gettys <jg@pa.dec.com>
Date: Mon, 15 Jun 1998 09:48:50 -0700
Message-Id: <9806151648.AA04939@pachyderm.pa.dec.com>
To: "J.P. Martin-Flatin" <martin-flatin@epfl.ch>
Cc: http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/205

> Sender: jpmf@tcomhp20.epfl.ch
> From: "J.P. Martin-Flatin" <martin-flatin@epfl.ch>
> Resent-From: http-wg@hplb.hpl.hp.com
> Date: Mon, 15 Jun 1998 01:44:25 +0200
> To: http-wg@cuckoo.hpl.hp.com
> Cc: martin-flatin@epfl.ch
> Subject: Drawbacks of persistent connections
> -----
> Section 8.1.1 may come across as slightly biaised, because it lists only
> advantages of persistent connections. In practice, these are balanced by
> drawbacks. For instance, if the timeout value of persistent connections is
> larger than the TCP connection timeout, denial-of-service attacks are more
> effective: by using up all possible connections, a malicious user can
> prevent access to a targeted server for a longer period of time. Perhaps a
> quick mention of this issue would make sense in section 8.1.4 (Practical
> Considerations)?

The denial of service attack is the same between persistent connections and
non-persistent connections.  I can see no difference between the two situations;
the attacker does exactly the same thing in either case, with the same result.

In general, denial of service attacks are very difficult to deal with.
			- Jim
Received on Tuesday, 16 June 1998 09:23:03 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC