W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2005

Re: [Bug 11] Protection against XML Denial Of Service attacks

From: Julian Reschke <julian.reschke@gmx.de>
Date: Sat, 03 Dec 2005 22:18:22 +0100
Message-ID: <43920B9E.4010607@gmx.de>
To: Lisa Dusseault <lisa@osafoundation.org>
CC: w3c-dist-auth@w3.org

Lisa Dusseault wrote:
> 
> How about adding to the DOS section?
> 
> 
>    WebDAV servers need to be aware of the possibility of a denial of
>    service attack at all levels. The proper response to such an attack 
> MAY be to simply
>       drop the connection, or if the server is able to make a response,
>       the server MAY use a 400-level status request such as 400 (Bad
>       Request) and indicate why the request was refused (a 500-level
>       status response would indicate that the problem is with the server,
>       whereas unintentional DOS attacks are something the client is 
> capable of remedying).


Hm. What is an "unintential DOS attack"?
Received on Saturday, 3 December 2005 21:20:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:11 GMT