From b6c3d50fa4ca2573cfd5497285f03044b63f53b9 Mon Sep 17 00:00:00 2001 From: Lucas Pardue Date: Fri, 26 Jul 2024 15:27:49 +0100 Subject: [PATCH 1/2] Explain potential for abuse Fixes #22 --- draft-edm-protocol-greasing.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/draft-edm-protocol-greasing.md b/draft-edm-protocol-greasing.md index 953ccc2..f0a9aed 100644 --- a/draft-edm-protocol-greasing.md +++ b/draft-edm-protocol-greasing.md @@ -198,6 +198,17 @@ not limited to those discussed in this document, can affect fingerprinting. A deeper analysis of this topic has been deemed out of scope. +While protocol features, extensions, and versions all have legitimate uses, they +can become a burden when used to excess. For example, the ability to send +protocol grease that a peer is required to ignore can be abused to cause it to +expend additional processing time. Insufficient monitoring or logging exposes +endpoints to a risk of denial-of-service attacks. Therefore, it is recommended +that implementations track use of protocol features, extensions, and versions +and set limits on their use. When such limits are encountered, implementations +may choose to stop interactions e.g., by closing a connection. Limits that are +tuned too low risk false positive detections, which can disrupt otherwise valid +exchanges. + # IANA Considerations This document has no IANA actions. From cc69e5031b14be21ac962a9da8994116ef440e33 Mon Sep 17 00:00:00 2001 From: Lucas Pardue Date: Fri, 26 Jul 2024 16:13:19 +0100 Subject: [PATCH 2/2] Update draft-edm-protocol-greasing.md Co-authored-by: Dave Thaler --- draft-edm-protocol-greasing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-edm-protocol-greasing.md b/draft-edm-protocol-greasing.md index f0a9aed..45be253 100644 --- a/draft-edm-protocol-greasing.md +++ b/draft-edm-protocol-greasing.md @@ -205,7 +205,7 @@ expend additional processing time. Insufficient monitoring or logging exposes endpoints to a risk of denial-of-service attacks. Therefore, it is recommended that implementations track use of protocol features, extensions, and versions and set limits on their use. When such limits are encountered, implementations -may choose to stop interactions e.g., by closing a connection. Limits that are +may choose to stop interactions, e.g., by closing a connection. Limits that are tuned too low risk false positive detections, which can disrupt otherwise valid exchanges.