sysrqb
commented
1 year ago This could be useful feature if it's designed well, but it certainly requires additional research and development. The OHAI proposal is an interesting example, but I don't believe it's currently being used.
The current draft proposal lists signals that may compensate for some IP attributes (e.g. loss of longitudinal stability). In addition to providing signals from the proxy to internet-facing services, have we thought about patterns and mechanisms through which services could report abusive connections back to the proxy?
Ideally, this would allow the proxy to curtail the access of specific users, as opposed to having multi-tenant IP addresses blocked by the service under attack. The OHAI proposal (https://datatracker.ietf.org/doc/html/draft-rdb-ohai-feedback-to-proxy) is one such attempt to provide a path for feedback, and may be extensible to two-hop proxies and off-line reporting of abuse.
Should such mechanisms be considered in scope, in addition to signals emitted from the proxy?