Return-Path: X-Original-To: quic-issues@ietfa.amsl.com Delivered-To: quic-issues@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01E67130E78 for ; Sun, 23 Dec 2018 20:06:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.661 X-Spam-Level: X-Spam-Status: No, score=-6.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L-KAM_cYWgtI for ; Sun, 23 Dec 2018 20:06:28 -0800 (PST) Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B55D130E79 for ; Sun, 23 Dec 2018 20:06:28 -0800 (PST) Date: Sun, 23 Dec 2018 20:06:27 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1545624387; bh=2f1+flbVXyUzR7x7WWCCT9XqT8qlhJHLMl45DJUbNL8=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=IHekHyNHyx7mPRdYTJz97gPU1m2mYBNzdPsHRFx6H1VF7RIZVZy0ApbiS2RgaiLRJ dkc/9UQC5VPow07Bz6wLC5fIABmJZfu8w+z9YOSA4FwP73kWpzdSTQT7Y9aTgnXybx +XxgjS5b4gMZMlAePAWSxdJdhCAz3Vt9tYKL0fzQ= From: Martin Thomson Reply-To: quicwg/base-drafts To: quicwg/base-drafts Cc: Subscribed Message-ID: In-Reply-To: References: Subject: Re: [quicwg/base-drafts] Remove PATH_RESPONSE limits (#2241) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_5c205b437e47a_52433f9b81ad45c4116151b"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: martinthomson X-GitHub-Recipient: quic-issues X-GitHub-Reason: subscribed X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: quic-issues@ietf.org Archived-At: X-BeenThere: quic-issues@ietf.org X-Mailman-Version: 2.1.29 List-Id: Notification list for GitHub issues related to the QUIC WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Dec 2018 04:06:30 -0000 ----==_mimepart_5c205b437e47a_52433f9b81ad45c4116151b Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit The counter measure we have against amplification is the initial congestion window. We won't send more than that. That's higher than the x3 we have during the handshake, but I think that's a reasonable balance, considering that the attacker in this context has to spend a considerable amount of effort. Yes, this is a policy question, but I'm happy with it. (Though we should probably highlight this when asking for review.) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/2241#issuecomment-449683536 ----==_mimepart_5c205b437e47a_52433f9b81ad45c4116151b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

The counter measure we have against amplification is the initial conge= stion window. We won't send more than that. That's higher than the x3 w= e have during the handshake, but I think that's a reasonable balance, con= sidering that the attacker in this context has to spend a considerable am= ount of effort.

Yes, this is a policy question, but I'm happy with it. (Though we sho= uld probably highlight this when asking for review.)

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, o= r mute the thread.3D""

= ----==_mimepart_5c205b437e47a_52433f9b81ad45c4116151b--