On Tue, Dec 23, 2008 at 10:36:29AM -0500, Michael Casadevall wrote: > This command is to tell the remote server to receive a file. The > client must send a signed changes file as the first file uploaded. As > a security precaution, no file greater then 16 kilobytes shall be > accepted until a signed changes is received and its signature has been > verified to prevent a denial of service attack. Should a larger file > be sent, an automatic REJECT shall be sent, and the server shall > immediately close the connection. Changes files themselves could be greater than 16k. C.f. [0], and that's just the morgue. Kind regards, Philipp Kern [0] find /org/ftp.debian.org/morgue -iname "*changes" | \ xargs stat -c "%s" | \ sort -nr | \ head -n 5 199473 180242 172278 167914 167811 -- .''`. Philipp Kern Debian Developer : :' : http://philkern.de Release Assistant `. `' xmpp:phil@0x539.de Stable Release Manager `- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature