[Openid-specs-ab] Issue #1416: Security considerations for Federation API using RateLimit HTTP Headers (openid/connect)
peppelinux
issues-reply at bitbucket.org
Tue Jan 25 09:24:54 UTC 2022
New issue 1416: Security considerations for Federation API using RateLimit HTTP Headers
https://bitbucket.org/openid/connect/issues/1416/security-considerations-for-federation-api
Giuseppe De Marco:
In relation to federation endpoints, we may consider it useful to express the indication to adopt HTTP headers like the RateLimit-Limit, RateLimit-Remaining and RateLimit-Reset fields, allowing service limits and request policy, as defined in the following specification:
https://datatracker.ietf.org/doc/html/draft-ietf-httpapi-ratelimit-headers-02
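An added example, not part of the issue or of any OpenID Federation implementation: how a client that fetches from federation endpoints could honor the three fields named above. The value syntax (integer quota, optional `;w=` policy items, reset as delta-seconds) is assumed from the linked draft-02; the function names, the 60-second fallback and the 3600-second cap are hypothetical.

```python
import re

_INT = re.compile(r"[0-9]+")
_POLICY = re.compile(r"([0-9]+)\s*;\s*w=([0-9]+)")  # e.g. "100;w=60"


def _num(value):
    """Parse a non-negative ASCII integer; reject anything else."""
    value = value.strip()
    if not _INT.fullmatch(value):
        raise ValueError(value)
    return int(value)


def parse_ratelimit(headers):
    """Return limit/remaining/reset/policies, or None if any field is
    missing or malformed (malformed fields are treated as absent)."""
    h = {k.lower(): v for k, v in headers.items()}
    try:
        items = h["ratelimit-limit"].split(",")
        parsed = {
            "limit": _num(items[0]),
            "remaining": _num(h["ratelimit-remaining"]),
            "reset": _num(h["ratelimit-reset"]),  # seconds until the quota resets
        }
    except (KeyError, ValueError):
        return None
    matches = (_POLICY.match(item.strip()) for item in items[1:])
    parsed["policies"] = [(int(m.group(1)), int(m.group(2))) for m in matches if m]
    return parsed


def seconds_to_wait(headers, status, pending=1, max_wait=3600):
    """Seconds to pause before sending `pending` more requests.

    The reset value is server-supplied, so it is capped: a misconfigured
    or hostile endpoint must not be able to stall trust chain resolution
    indefinitely.
    """
    rl = parse_ratelimit(headers)
    if rl is None:
        return 60 if status == 429 else 0  # conservative fallback (assumed)
    if status == 429 or rl["remaining"] < pending:
        return min(rl["reset"], max_wait)
    return 0
```
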