Dexter Castor Döpping <[email protected]> writes: >In another case (http://ca-repository.desc.gov.ae/*) I don't know why I'm >being blocked. Perhaps because of the user-agent header, or maybe because I >exceeded a rate limit.
That's an interesting point, at what stage do you decide you're being DoS'd and rate-limit? I was pleasantly surprised recently when I was debugging a resource-exhaustion issue on an embedded device that I could run a CA-cert fetch in a loop without being rate-limited (thank you to whoever set up cacerts.digicert.com for not rate-limiting :-). However since it could turn into a DoS (I only did around 200 fetches with a wait between each one so barely a blip), presumably there would need to be some text in any guidelines about when it was permissible to rate-limit. Peter. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MEAPR01MB3654F8CF18EAE098F2067496EE89A%40MEAPR01MB3654.ausprd01.prod.outlook.com.
