Thanks Paul, I will upload a new version today.

On Wed, Mar 29, 2023 at 9:33 PM Paul Wouters <paul.wouters=40aiven...@dmarc.ietf.org> wrote:

>
>
>
> On Fri, Mar 10, 2023 at 4:12 AM Mohit Sahni <msa...@paloaltonetworks.com> wrote:
>
> [ proposed changes / confirmations in the xml file ]
>
> I have read the xml diff and I agree with all changes made.
>
>
>
>> Just noticed an incomplete response for this comment, responding again to
>> it.
>>
>> >The next bullet I just do not understand:
>> >
>> >        In order to reduce the risks imposed by DoS attacks, the
>> >        implementations SHOULD optimally use the available datagram size
>> >        i.e. avoid small datagrams containing partial CMP PKIMessage
>> >        data.
>> >
>> >Please explain what is meant here and/or rephrase it.
>>
>> <M.S.>The intent here is to instruct clients to send CMP messages in as
>> few packets as possible. Fragmentation of CMP messages may cause the server
>> to buffer packets which will consume resources on the server. With clients
>> instructed to send CMP messages in as few packets as possible, servers can
>> choose to ignore fragmented CMP messages to mitigate such DOS attacks.
>>
>>
> So maybe:
>
> Implementations SHOULD use the available datagram size and avoid small
> datagrams containing partial CMP PKIMessage data in order to reduce memory
> usage for packet buffering.
>
> Please submit a new version to the datatracker with these changes, so we
> can start the IETF Last Call.
>
> Paul
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>