- From: Stefan Eissing <stefan@eissing.org>
- Date: Fri, 13 Oct 2023 13:21:46 +0200
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Kazuho Oku <kazuhooku@gmail.com>, Willy Tarreau <w@1wt.eu>, Mike Bishop <mbishop@evequefou.be>, Martin Thomson <mt@lowentropy.net>, Glenn Strauss <gs-lists-ietf-http-wg@gluelogic.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
> Am 13.10.2023 um 13:09 schrieb Poul-Henning Kamp <phk@phk.freebsd.dk>: > > -------- > Kazuho Oku writes: > >> If we take this approach, there will be a guarantee that the client will >> open no more than 100 streams initially, > > Does any published data exist on how "100" relates to how many streams > real-life legit clients /actually/ open on a new H2 connection ? See https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ They tried to lower it and found a page where browsers do open 100 requests right away. > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Friday, 13 October 2023 11:22:18 UTC