From e69ef9c98942795ea85a2ad8407f3335159f15c2 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski <contact@cpluspatch.com>
Date: Fri, 18 Oct 2024 11:19:02 +0200
Subject: [PATCH] feat: :sparkles: Add rate limiting

---
 app/changelog/page.mdx       |  1 +
 app/federation/http/page.mdx | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/app/changelog/page.mdx b/app/changelog/page.mdx
index fea79bf..14dea2b 100644
--- a/app/changelog/page.mdx
+++ b/app/changelog/page.mdx
@@ -17,6 +17,7 @@ This page lists changes since Working Draft 3. {{ className: 'lead' }}
   - `X-Signed-By` to `Versia-Signed-By`
 - Removed the nonce from the [signature system](/signatures), replaced with `Versia-Signed-At` (timestamps).
 - Added `html_uri` to [Notes](/entities/note).
+- Standardize rate limits with [IETF draft draft-polli-ratelimit-headers-02](https://www.ietf.org/archive/id/draft-polli-ratelimit-headers-02.html).
 
 ## Since WD 3
 
diff --git a/app/federation/http/page.mdx b/app/federation/http/page.mdx
index 5169ea0..47f4dc0 100644
--- a/app/federation/http/page.mdx
+++ b/app/federation/http/page.mdx
@@ -47,6 +47,16 @@ ALL kinds of HTTP requests/responses between instances **MUST** include a [Signa
     </Col>
 </Row>
 
+## Rate limits
+
+Implementations **MUST** respect the rate limits of remote instances.
+
+IETF draft [draft-polli-ratelimit-headers-02](https://www.ietf.org/archive/id/draft-polli-ratelimit-headers-02.html) **MUST** be used to communicate rate limits. Other rate limit headers/formats are not allowed.
+
+<Note>
+    This IETF draft is, well, a draft. However, there are no standards for rate limiting in HTTP, so this is the best we have.
+</Note>
+
 ## Responses
 
 <Row>