- From: Martin Thomson <mt@lowentropy.net>
- Date: Mon, 11 Feb 2019 10:18:08 +1100
- To: ietf-http-wg@w3.org
On Sat, Feb 9, 2019, at 17:57, Willy Tarreau wrote: > I was surprised by this assertion, until I found that streams in the > reserved state are not counted. Do you have an idea why it's done this > way ? This means that a server can trivially DoS a client or intermediary > by pushing 1 billion streams that must be memorized and are not accounted > for :-/ Yep. There is no practical limit on push in HTTP/2. We fixed that in HTTP/3. Well, it would be impossible not to fix this in some way, but we doubly fixed it anyway. As for the original question, I think that Mike's interpretation is closest to intent. If you have 5 streams open and a limit of 5, then opening another would be a violation of expectations. p.s., I find it amusing when people start to read meaning into words. Remember that RFCs were written by humans in something of a hurry and without the benefit of experience. It is usually best to consider first what might have been intended before wondering about the relative placement of certain words.
Received on Sunday, 10 February 2019 23:18:32 UTC