Allow customer configuration of duplicate token filter in default provider

aws / s2n-quic

An implementation of the IETF QUIC protocol

https://crates.io/crates/s2n-quic

Apache License 2.0

1.16k stars 119 forks source link

Allow customer configuration of duplicate token filter in default provider #173

Closed rday closed 1 year ago

rday commented 4 years ago

Problem: The cuckoo filter used to detect duplicate tokens has a default capacity of (1 << 20) - 1. This is certainly too large for tracking tokens between key rotations. We should allow customers to configure their own filter size similar to how they configure the key_rotation_period.

Possible Solutions:

Add a field to the Provider struct
Provide some data on expected connections/sec and key_rotation_period to pick a reasonable value.

camshaft commented 1 year ago

Closing for now. We can reopen if requested.