proposal for issue #175 range flooding

The proposal is to add the following text in section 7.
(Security Considerations) of Part 5 [1]
7.1 Range Flooding

  Range requests containing overlapping ranges may lead to the situation
  where a server is sending far more data than the size of the complete
  resource representation. This can generate Denial of Service attacks.
There are multiple ways a server can reject (or ignore the Range: header) 
such requests, so no advice is given on how to process it.


Baroula que barouleras, au tiéu toujou t'entourneras.


Received on Thursday, 25 March 2010 23:34:39 UTC