W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

[hallam@w3.org: Footers and Chunked ]

From: Larry Masinter <masinter@parc.xerox.com>
Date: Sat, 9 Mar 1996 00:55:38 PST
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <96Mar9.005552pst.2733@golden.parc.xerox.com>

To:	Larry Masinter <masinter@parc.xerox.com>
Cc:	hallam@w3.org
Subject: Footers and Chunked 
Date:	Fri, 8 Mar 1996 11:30:00 -0800
From:	hallam@w3.org
X-Mts: smtp
content-length: 3311


Larry,

	I've been asked about whether footers should be in the HTTP/1.1 chunked 
encoding or not. I have code written which has a vital and essential need for 
footers, specifically to add signatures to the end of documents.

	Since footers have been in the 1.1 spec for some time and since nobody 
has made a case on the list for removing them I would be extreemly and deeply 
unhappy if the footers were removed. I would not be unhappy if chunked was 
removed from 1.1 entirely and defferred to 1.2 however. 

	The need to be able to put footers at the end of the documents is a 
serious one, one which both Jeff Schiller and myself are very firm on - if not 
to say wedged. The biggest mistake made in PGP was a decision to put a length 
encoding at the front of the document which prevents it from being used as a 
filter to encrypt a backup tape to a disk. The parallels with the Web are 
obvious.

	Ideally I would like to have footers plus a requirement that 
implementations be tolerant of additional material following the length code of 
a chunk and the CRLF. This will permit the chunked encoding to be progressed to 
one which supports multiple streams or segment by segment message digests at a 
future date. Ie my existing code (almost) produces:

HTTP/1.1 201 O.K. Here is some data
Server: condom/1.0 Prevent virii! always take net.precautions!
Content-Encoding: chunked
Signature-RSA: key-id=KEY:RSA:server; place=footer; digest=RSA-MD5

20
<BODY><H1>This is a test
63
Message</h1><p>Hello</p><HR><address>PHB</ADDRESS></body>
0
Signature-RSA: key-id=KEY:RSA:server; 
signature=fLQk4ZyOdUbuoldrNTPX3P/Yb6PXXhS9xCnTe9xMihEdvDt66rXDpf34NAzfjayyWWfekM
2qArK+xqcUNbxOZw==



I would like to be able to produce


HTTP/1.1 201 O.K. Here is some data
Server: condom/1.0 Prevent virii! always take net.precautions!
Content-Encoding: chunked
Signature-RSA: key-id=KEY:RSA:server; place=footer; digest=RSA-MD5
Authentication: key-id=KEY:SYMETRIC:fred; algorithm=RSA-KD5; 
	mask=1A237E28F28123B021

20 auth=2qArK+xqcUNbxOZw==
<BODY><H1>This is a test
63 auth=63P/Yb6PXXhS9xCn==
Message</h1><p>Hello</p><HR><address>PHB</ADDRESS></body>
0 auth=o7ldrNTPX3P/Yb6P==
Signature-RSA: key-id=KEY:RSA:server; 
signature=fLQk4ZyOdUbuoldrNTPX3P/Yb6PXXhS9xCnTe9xMihEdvDt66rXDpf34NAzfjayyWWfekM
2qArK+xqcUNbxOZw==


Clearly I would be happier if this would not break proxies which are based on 
the 1.1 spec. I see no possibility whatsoever of providing the same 
functionality if signatures are required to go at the beginning. The content 
produced is likely to be generated by an automaton such as a gateway interface. 

I have recently been expreimenting with a number of highly interactive systems
where there is a clear need for continuous authentication at the segment level. 


Unless someone can come up with a clear reason why footers are bad I think that
we should continue with the status quo rather than make a change at this stage 
which would inevitably lead to delay in reaching consensus. 

I would like us to be able to finish 1.1 as soon as possible in order that we 
can start on some new topics. In addition to the demographics issues I raised 
there is a long standing problem of notification which I beleive can be solved 
with a few minor but significant additions to the spec..


		Phill

	
Received on Saturday, 9 March 1996 00:58:08 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:48 EDT