Re: [quicwg/base-drafts] rate-limiting of CID issuance needs to be allowed (#2436)

MikkelFJ <notifications@github.com> Fri, 08 February 2019 19:39 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14CD1130F58 for <quic-issues@ietfa.amsl.com>; Fri, 8 Feb 2019 11:39:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.001
X-Spam-Level:
X-Spam-Status: No, score=-8.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jvNCmv1HMUtM for <quic-issues@ietfa.amsl.com>; Fri, 8 Feb 2019 11:39:34 -0800 (PST)
Received: from out-5.smtp.github.com (out-5.smtp.github.com [192.30.252.196]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27546130F1A for <quic-issues@ietf.org>; Fri, 8 Feb 2019 11:39:34 -0800 (PST)
Date: Fri, 08 Feb 2019 11:39:32 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1549654772; bh=4f0QRHKAdaqAl2NYgz5Sc5AbVH5BZ4wFXUYNjg9cUtM=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Us+Fcux8Yu0VFkZ7Fa2Dj5KpzqFiz+WbYI8GF2v+yUFYWQDTHEwfFGtAZ+Bn22l3y txR5MBp4zeTATJXMXpztcmSog/ASGL9AqA9HroikEEk2lG/wj3SlaCmIlb4TxS0TFI L3RAdq6da9sdQ1w9XF4E1bAUnvp1deNESgDseGDA=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab2807675bbcb8a37b525e75ee8021263084ff140592cf0000000118759cf492a169ce184b1573@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2436/461921648@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2436@github.com>
References: <quicwg/base-drafts/issues/2436@github.com>
Subject: Re: [quicwg/base-drafts] rate-limiting of CID issuance needs to be allowed (#2436)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c5ddaf4c81b5_76c73fb38e8d45c45940"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/H7hu1J_M2mklL_QkL05xCvxyzrs>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Feb 2019 19:39:36 -0000

As I mentioned earlier, I am concerned about non-HTTP uses cases, and for that matter also about mixing the layers. Transport should not rely on GOAWAY, and HTTP layer should be not concerned with refreshing CID's.

If you at all risk running out of CID's and you can't do anything about it, then you are not going to rotate CID's at all. That might also not be necessary, but is what will happen.

A limit per day is unproblematic, like at most 2 migrations per day without migration, reset counter on migration. If client is able to migrate enough to still cause a problem, we might need a total daily cap.

>From another perspective: If the concern regarding conflicts only has to do with a low risk of stateless reset, I'd rather have that than a high risk of running out of CID's.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2436#issuecomment-461921648