- From: James M Snell <jasnell@gmail.com>
- Date: Tue, 22 Jul 2014 08:16:23 -0700
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Mark Nottingham <mnot@mnot.net>, Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Agree with PHK here. Since the decision has been made not to have an end-to-end extensibility model in the framing layer, ignored interspersed HEADERS frames that are not flow-controlled become a DoS vector. At this point, there is absolutely no reason whatsoever to have interspersed HEADERS frames. - James On Tue, Jul 22, 2014 at 7:41 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > In message <FA8721C1-6FF2-4061-9F2E-F317E64E5209@mnot.net>, Mark Nottingham wri > tes: > >>The choices seem to be: >> >>- PROTOCOL_ERROR upon a HEADERS where not expected > > +1 > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Tuesday, 22 July 2014 15:17:10 UTC