On Thu, Jul 30, 2015 at 1:45 PM, John Kristoff <j...@cymru.com> wrote:
> On Mon, 27 Jul 2015 19:42:46 +0530 > Glen Kent <glen.k...@gmail.com> wrote: > > > > Is there a reason why this is often done so? Is this because UDP > > is stateless and any script kiddie could launch a DOS attack with a > > UDP stream? > > State, some form of sender verification and that it and most other > commonly used protocols besides TCP do not generally react to implicit > congestion signals (drops usually). > > Hmmm. The WebRTC stack has a pretty explicit form of getting and then maintaining consent; it also rides on top of UDP (SRTP/UDP for media and SCTP/DTLS/UDP for data channels). Because both media and data channels go from peer to peer, it has no preset group of server addresses to white list (the only way I can see to do that would be to force the use of TURN and white list the TURN server, but that would be problematic for performance). How will you support it if the default is to throttle UDP? Clue welcome, Ted
