+alm & g-k On Thu, Sep 20, 2018, 00:52 Ryan Kelly <rfke...@mozilla.com> wrote:
> On Thu, 20 Sep 2018 at 14:35, Ryan Kelly <rfke...@mozilla.com> wrote: > >> >> Hi All, >> >> Over in github we've been discussing our options of rate-limiting pairing >> channel creation attempts: >> >> https://github.com/mozilla-services/channelserver/issues/21 >> >> One obvious approach would be to use the existing fxa-customs-server, and >> just add some new action types like "createPairingChannel" and >> "connetToPairingChannel" that the channelserver can send over for >> checking. However, the fxa-customs-server is currently run as a private >> "sidecar" service for fxa-auth-server, exposed only over a localhost >> interface. >> >> Does it make sense for us to try to extract fxa-customs-server into its >> own standalone service that can be accessed by multiple consumers? Or is >> that likely to be more work than just adding rate-limiting code directly >> into the channelserver? >> > > Another option would be to try running a third-party ratelimiting daemon > that can be shared among different services, such as: > > https://github.com/lyft/ratelimit > https://github.com/limitd/limitd > > Which may be less work than adding custom rate-limiting code in > channelserver. > > +ulfr for possible opinions from opsec team. > > Cheers, > > Ryan >
_______________________________________________ Dev-fxacct mailing list Dev-fxacct@mozilla.org https://mail.mozilla.org/listinfo/dev-fxacct