- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Sun, 13 Jul 2014 13:17:39 -0700
- To: Willy Tarreau <w@1wt.eu>
- Cc: Greg Wilkins <gregw@intalio.com>, Jeff Pinner <jpinner@twitter.com>, HTTP Working Group <ietf-http-wg@w3.org>
I try to avoid caffeine for that exact reason :) On 12 July 2014 22:35, Willy Tarreau <w@1wt.eu> wrote: > Option 5 allows agents with smaller buffers to reject CONTINUATION frames, > which removes state commitment and DoS concern. It seems to be the closest > to the situation we have in 1.1 where a message that does not fit in the > recipient's buffers is simply rejected (eg: 400 or 502). It makes it easier to detect a bad actor, sure. I don't think that it changes the equation any though. If you have a settings mismatch between hops, then you trade HOL safety for buffering and stalling. I think that this is just one of those cases where there are bad options no matter what combination you choose. > Option 2 becomes better when you enable max_frame_size since it removes > the "May have HOL". I think that we've converged on saying that max_frame_size (and max_header_block_size) have some useful properties in that regard.
Received on Sunday, 13 July 2014 20:18:06 UTC