-
Notifications
You must be signed in to change notification settings - Fork 203
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reduced flow control limits #447
Comments
An old WINDOW_UPDATE (with a lower offset) might end up in a packet with a higher packet number if it is a retransmission, and the sender doesn't regenerate the frame. |
Is there are more general control frame flooding attack concern? For example starving stream 0. |
@marten-seemann, you aren't supposed to retransmit WINDOW_UPDATE verbatim like that. A consequence of making a change like this would be a stronger prohibition on dumb retransmission strategies. |
I don't see much point in policing this, or even typing words for it, at this point. |
For MAX_DATA, MAX_STREAM_DATA, and MAX_STREAM_ID equally, having a MUST NOT on reneging isn't aligned with practice. Some implementations retransmit frame contents without updating the contents of these frames and that isn't strictly a problem. Some would have like to police this, but we seem to have consensus to disallow that. It creates a coupling between frame processing and packet numbers that we don't currently have, and it seems that we don't really want to have either. More to the point, it prevents the sorts of optimizations that some people really want. So, rather than use a MUST NOT renege, observe that it is really just a an axiom that arises as a consequence of how processing these frames works: if the value is reduced, then ignore the value. Whether that is as a result of out of order arrival, or an optimization, that's OK. Closes #1612, #447 (the latter for real this time).
We currently say that a sender MUST NOT reduce these limits, but don't really require or permit a receiver to enforce this. Now, it's true that reordering might cause limits to be received out of order, and it's probably best that we not require a receiver to check that the limit never reduces. However, we might want to allow a receiver to look at packet numbers, determine that the number has been reduced, and kill the connection with a flow control error.
The text was updated successfully, but these errors were encountered: