Skip to content

Explain potential for abuse #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
LPardue wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Explain potential for abuse #28

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b6c3d50
Explain potential for abuse
LPardue Jul 26, 2024
cc69e50
Update draft-edm-protocol-greasing.md
LPardue Jul 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions draft-edm-protocol-greasing.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,17 @@ not limited to those discussed in this document, can affect fingerprinting. A
deeper analysis of this topic has been deemed out of scope.


While protocol features, extensions, and versions all have legitimate uses, they
can become a burden when used to excess. For example, the ability to send
protocol grease that a peer is required to ignore can be abused to cause it to
Copy link
Member

@tfpauly tfpauly Jul 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe explain some examples of the abuse — not just the fact of ignoring one greased object, but having a flood of them that are all ignored, etc.

Copy link

@gorryfair gorryfair Jul 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thought: There is a "cost" when the greasing creates state, even if only to ignore the greased value. (I can think of cases where seeing a new value needs the receiver to do work to ignore. )

expend additional processing time. Insufficient monitoring or logging exposes
endpoints to a risk of denial-of-service attacks. Therefore, it is recommended
Comment on lines +204 to +205
Copy link
Collaborator

@dthaler dthaler Oct 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So does excess logging. If greasing causes log entries, then a possible DOS attack would be to fill up the log (consuming storage space or BW).

But to me the sentence "Insufficient monitoring or logging exposes endpoints to a risk of denial-of-service attacks."
is hard to understand. How does it expose endpoints to a risk of DOS attacks? I think it just means DOS attacks go unnoticed, not that it exposes them in the first place, no?

that implementations track use of protocol features, extensions, and versions
and set limits on their use. When such limits are encountered, implementations
may choose to stop interactions, e.g., by closing a connection. Limits that are
tuned too low risk false positive detections, which can disrupt otherwise valid
exchanges.

# IANA Considerations

This document has no IANA actions.
Expand Down