"?> Re: Header compression: buffer management from Poul-Henning Kamp on 2013-03-22 (ietf-http-wg@w3.org from January to March 2013)

W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: Header compression: buffer management

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 22 Mar 2013 07:42:08 +0000
To: Roberto Peon <grmocg@gmail.com>
cc: James M Snell <jasnell@gmail.com>, RUELLAN Herve <Herve.Ruellan@crf.canon.fr>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <2962.1363938128@critter.freebsd.dk>
In message <CAP+FsNdVz3xU=ADgUTOkDAB9gGAFSRQan5wyoZ_kGgunoLjLwA@mail.gmail.com>
, Roberto Peon writes:

>I have doubts that one can correctly identify malicious endpoints, and so I
>chose the eviction policy based route.

We certainly cannot trust the encoder to clean up for us, and you
point about identification is true as well.

However, the point of a DoS mitigation by protocol design, is not to
make them impossible, because you can't.

A popular TV-host telling all his viewers to visit the website "RIGHT
NOW!" is an incredible effective DoS.

But what you do, and what we should do, is make them difficult and
expensive to automate:  The major cost of the first request should
be borne by the client.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 22 March 2013 07:42:30 GMT

This archive was generated by hypermail 2.3.1 : Friday, 22 March 2013 07:42:31 GMT