Section 9.1.2 says that an ALTO server MUST provide a full cost map. Full cost maps increase as the square of the number of PIDs, so they can be very large -- 10s, even 100's of megabytes. So if a server has a large number of PIDs, it's trivial to overload the server by flooding it with simple GETs.
Granted a server can defend itself by cutting off a client who issues "too many" full cost map requests "too quickly". But that's a pain to implement. And attacks can come from a swarm of clients, of course. However, we could avoid that class of attack altogether by making full cost maps optional, rather than required. And allow servers to limit the number of source/destination pairs in a filtered request, of course. What do you folks think about that? Incidentally, my experience has been that a full cost-map for (say) 2000 PIDs can overwhelm standard JSON libraries. The client may need a custom parser to handle that large a map. - Wendy Roome _______________________________________________ alto mailing list alto@ietf.org https://www.ietf.org/mailman/listinfo/alto