GSoC 2022 project viability - adding rate-limiting to core

[Hrushikesh Vaidya]

As per this discussion on the Django Forum, there is some concern about adding 

rate-limiting to core as a part of this year's GSoC. The project is listed on this wiki page. 

The main concern is, paraphrasing @claudep, that it would be very easy to introduce DoS

vectors to pretty much all Django applications if rate-limiting is not used/configured 

properly. If users currently use a third party application to implement rate-limiting, its 

security is their responsibility. But if we add rate-limiting to core, it would become our 

responsibility to make sure that we don't introduce DoS vectors to unsuspecting users' 

applications.

I would love to work on this project, but I wanted to address this risk and confirm that this 

project is still viable.