Re: [quicwg/base-drafts] Security Considerations text for a memory limit (#3004)

ianswett <> Tue, 03 September 2019 21:22 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9D1C91200B6 for <>; Tue, 3 Sep 2019 14:22:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.382
X-Spam-Status: No, score=-6.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ywutyeAcv0ST for <>; Tue, 3 Sep 2019 14:22:43 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2B0AF120099 for <>; Tue, 3 Sep 2019 14:22:43 -0700 (PDT)
Date: Tue, 03 Sep 2019 14:22:42 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1567545762; bh=bAThF0TEw5yBRcRPG79FJLfY11kQ5egepphfyqhZuNs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Oc/ctEdpoMICe0hBXUgpu4vuys0JItTbSepN8uFDZjA0QmXU7wOPiDdc8pUlRj9/m LkW+803Wl/9pTE+U7lc67uVvl3rII4G8bQuRtvK/qD+3xppW6t8Fn4QjQ86KEGoMY6 3bZZhPoMWEWMFAX3qDe4hc7LW55dRAx7jSLlU5LA=
From: ianswett <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3004/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Security Considerations text for a memory limit (#3004)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d6ed9a266bd3_42823fe8adccd9605291ea"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ianswett
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 03 Sep 2019 21:22:45 -0000

ianswett commented on this pull request.

> @@ -1126,6 +1126,13 @@ HTTP_QPACK_DECODER_STREAM_ERROR (0x202):
+While the negotiated limit on the dynamic table size accounts for much of the
+memory that can be consumed by a QPACK implementation, data which cannot be
+immediately sent due to flow control is not affected by this limit.
+Implementations MUST limit the size of unsent data, especially on the decoder

Does a MUST really make sense here?  I mean, it seems like the implementation's problem if they have an unbounded amount of memory buffered.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: