- From: Lisa Dusseault <lisa@osafoundation.org>
- Date: Sat, 3 Dec 2005 21:48:32 -0800
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: w3c-dist-auth@w3.org
Perhaps there's a better phrase for that -- I meant a client request that the server decided to consider a DOS attack but the client didn't. E.g. a PROPFIND depth infinity on root. Lisa On Dec 3, 2005, at 1:18 PM, Julian Reschke wrote: > > Lisa Dusseault wrote: >> How about adding to the DOS section? >> WebDAV servers need to be aware of the possibility of a denial of >> service attack at all levels. The proper response to such an >> attack MAY be to simply >> drop the connection, or if the server is able to make a >> response, >> the server MAY use a 400-level status request such as 400 (Bad >> Request) and indicate why the request was refused (a 500-level >> status response would indicate that the problem is with the >> server, >> whereas unintentional DOS attacks are something the client is >> capable of remedying). > > > Hm. What is an "unintential DOS attack"? > >
Received on Sunday, 4 December 2005 05:49:10 UTC