core-wg/echo-request-tag

Mitigate Observe amplification attacks.

Closed this issue · 4 comments

The current text only talks about large responses, not many responses.

"A server that sends large responses to unauthenticated peers SHOULD mitigate amplification attacks"

Any document that allows multiple responses in the first place (Observe, Q-Block, groupcomm-proxy) emphasizes the dangers of unchecked operation -- but it doesn't hurt to do that here too. (We do already say that a single response needs to be piggy-backed or NON, for the same reason.)

What should the consideration be - that the freshness of an Observe request MUST be verified with Echo, updating RFC7641?

Why is Observe allowed without client authentication? And if so, should not the amplification factor be more precisely limited?

PR #76 addresses this issue.

Closed by #76.