W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: Security Condideration of initial SETTINGS_MAX_CONCURRENT_STREAMS

From: Roberto Peon <grmocg@gmail.com>
Date: Wed, 15 Jan 2014 09:51:35 -0800
Message-ID: <CAP+FsNctJFQN-VQvEBcnZQBJWednindxrrpuuUxVsfkaQCtzxg@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Shigeki Ohtsu <ohtsu@iij.ad.jp>, HTTP Working Group <ietf-http-wg@w3.org>
We've actually discussed this in the past, IIRC.
Yes, we've seen this limit exceeded in the first roundtrip at least once.

This is precisely one of the cases for ENHANCE_YOUR_CALM.
If the server doesn't like a large number of streams and does want to
serve, it can RST them.
The basic issue here being that we prefer to avoid HOL blocking until it is
explicitly signaled that it is needed.

On Wed, Jan 15, 2014 at 9:47 AM, Martin Thomson <martin.thomson@gmail.com>wrote:

> On 14 January 2014 17:55, Shigeki Ohtsu <ohtsu@iij.ad.jp> wrote:
> > One idea is to define an initial SETTINGS_MAX_CONCURRENT_STREAMS such as
> 100
> > which is recommended as minimum in the current spec.
> > Is there any reason not to define it?
> I've always wondered the same thing.
> Is there anyone out there who thinks it possible to even get 100
> requests into the second round trip TCP congestion window for any
> reasonable use case?
Received on Wednesday, 15 January 2014 17:52:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:23 UTC