
Re: possible DoS attack

From: Joseph Reagle <reagle@w3.org>
Date: Tue, 16 Apr 2002 15:59:41 -0400
Message-Id: <200204161959.PAA09611@tux.w3.org>
To: aleksey@aleksey.com, "Ed Simon" <edsimon@xmlsec.com>
Cc: xml-encryption@w3.org
On Friday 12 April 2002 17:24, Aleksey Sanin wrote:
> I suggest to remove phrase "to identify such attacks" :

By that, I meant if you get hit once (a request consumes X cycles before 
timing out), there's no need to honor a request from the same person to 
consume another X, but I agree that simpler is better. So the last sentence 
now reads, "Consequently, implementations should be able to restrict 
arbitrary recursion and the total amount of processing and networking 
resources a request can consume." Everything else (identifying repeat 
offenders, dynamically resetting/adjusting the thresholds, etc.) is an 
implementation detail! <smile/>
Received on Tuesday, 16 April 2002 15:59:54 UTC
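
An added example, not part of the original message or of any XML Encryption implementation: one way to enforce the quoted sentence is a per-request budget that caps recursion depth, the total number of dereferences and the total bytes pulled in. The names `RequestBudget`, `resolve` and `process_request`, the limit values and the sample reference graph are assumptions constructed for illustration.

```python
from dataclasses import dataclass


class BudgetExceeded(Exception):
    """Raised when a single request goes over one of its limits."""


@dataclass
class RequestBudget:
    max_depth: int = 4         # how deep references may nest
    max_fetches: int = 16      # total dereferences allowed per request
    max_bytes: int = 1 << 20   # total bytes retrieved per request
    fetches: int = 0
    bytes_used: int = 0

    def charge(self, depth: int, size: int) -> None:
        """Account for one dereference; refuse as soon as any limit is passed."""
        if depth > self.max_depth:
            raise BudgetExceeded(f"depth {depth} > {self.max_depth}")
        self.fetches += 1
        if self.fetches > self.max_fetches:
            raise BudgetExceeded(f"fetches {self.fetches} > {self.max_fetches}")
        self.bytes_used += size
        if self.bytes_used > self.max_bytes:
            raise BudgetExceeded(f"bytes {self.bytes_used} > {self.max_bytes}")


def resolve(ref, store, budget, depth=1):
    """Follow ref and everything it depends on, charging the shared budget."""
    size, deps = store[ref]
    budget.charge(depth, size)
    visited = [ref]
    for dep in deps:
        visited += resolve(dep, store, budget, depth + 1)
    return visited


def process_request(ref, store, **limits):
    """Each request gets a fresh budget; exceeding it rejects only that request."""
    try:
        return ("ok", resolve(ref, store, RequestBudget(**limits)))
    except BudgetExceeded as exc:
        return ("rejected", str(exc))


# Constructed sample data: id -> (size in bytes, ids it depends on)
SAMPLE = {
    "doc": (200, ["k1"]), "k1": (64, ["k2"]), "k2": (64, []),
    "loopA": (64, ["loopB"]), "loopB": (64, ["loopA"]),   # mutual recursion
    "big": (5_000_000, []),                                # oversized resource
    "fan": (10, ["k2"] * 40),                              # shallow but wide
}
```

The three limits are independent on purpose: the mutual reference trips the depth cap, the wide fan-out trips the dereference count, and the oversized resource trips the byte cap.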
