Re: Delete and DDoS

On Sat, 18 May 2024 15:22:56 -0700
Johannes Ernst <johannes.ernst@gmail.com> wrote:

> It’s not obvious to me how to solve this. But it appears it's a better time to think about it now'ish than once an actual attack is in progress.

It was a solved problem in the pre-json era.

If you wanted to keep subscribing, e.g. give hub.lease_seconds = 7884000 and so renew quarterly https://www.w3.org/TR/websub/#subscriber-sends-subscription-request. This can be done by your client automatically (think a textfield 'automatic subscription renewal, days'). It's just a matter who is responsible for renewal - the subscriber or the publisher. I am much for agency + responsibility on the subscriber side.

Let things expire and so clean themself automatically.

Marcus

Received on Sunday, 19 May 2024 07:22:25 UTC