On Tue, May 27, 2014 at 01:46:30PM +0200, Janos Zsako wrote: Dear Janos, Denis and All
In short, yes, I support the proposal.
My slightly modified suggestion is:
When a given IP address, due to the large number of personal data queries reaches the limit where the NCC would now deny access to any objects, I think it would make sense to fully limit the access to personal data (i.e deny access to it), however, limit the access to other data as if they had been using the --no-personal flag so far.
As long as there is no other kind of limitations than the one based on the number of personal data retrieved[*], this boils down to the suggestion below. If at some point other limitations are put in place, like number of queries within a time frame (to mitigate DoS attacks), then this would mean that they are still eligible for limitation if their query rate is too high (this time not due to the personal data involved).
I strongly support this idea. Piotr -- gucio -> Piotr Strzyżewski E-mail: Piotr.Strzyzewski@polsl.pl