Re: [rtcweb] #13: Transport of DATA_CHANNEL_OPEN

[Michael Tuexen <Michael.Tuexen@lurchi.franken.de>]

On Apr 19, 2013, at 6:39 PM, Randell Jesup wrote:

> Since we send the Open reliably, barring active attempts to game the system with a non-browser, the Open *will* eventually get through unless you have 100% (or virtually so) packet loss (and in that case, nothing useful, including an error response, is getting through anyways).  So I honestly feel it's ok to just buffer all incoming packets while waiting for the Open.
I'm not sure what you want to protect against:
1. Network conditions resulting in loss of the OPEN_REQ
2. The peer attacking you and violating the protocol spec.

If you consider 1., SCTP will get the message through or fail the SCTP association eventually.
In the BSD stack we even limit the number of retransmissions of a particular chunk. If that
number is reached, the association is failed. We used this to protect against buggy peers
or path MTU problems.

Best regards
Michael
> 
> No one is going to get a gigabyte of data in without an Open...  A non-browser could fake up a session and start sending data without ever sending an Open... but flushing the data doesn't actually help you against that sort of active DOS (they can just start again, they can spread it across thousands of channels, etc, etc), and there are FAR better DOS methods - all this would do is burn some CPU and some memory.
> 
> -- 
> Randell Jesup
> randell-ietf@jesup.org
> 
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>