W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

Re: FW: Content-MD5 comment (was digest mess)

From: Jeffrey Mogul <mogul@pa.dec.com>
Date: Thu, 08 Jan 98 11:30:39 PST
Message-Id: <9801081930.AA29224@acetes.pa.dec.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5132
Paul Leach writes:
    > From: 	Roy T. Fielding[SMTP:fielding@kiwi.ics.uci.edu]
    > [...]  It turns out that Content-MD5 is not useful
    > at all for HTTP/1.1, since the combination of the error-free transport
    > layer and length-delimited content is sufficient.
    "Error free" and "ones-complement checksum" are not 100%
    commensurate. Plus, the existence of proxies menas that the TCP
    "guarantee", such as it is, isn't in fact guaranteed anyway.

For some quantitative results on the problems with the TCP checksum,
	Craig Partridge, Jim Hughes, Jonathan Stone,
	"Performance of Checksums and CRCs over Real Data",
	Proc. SIGCOMM '95


The abstract mentions the "spectacular failure rate" of the TCP
checksum "when trying to detect certain types of packet splices."
Packet splices are a potential problem when using ATM networks
that drop individual cells.  In practice, of course, we haven't
been hit by a blizzard of TCP checksum failures ... yet.

    The MD5 checksum is end-to-end, and much stronger than the
    transport checksum.
Yes, but.  Unfortunately, the MD5 checksum covers just the
message body, and so if one is reassembling a document from
several messages (e.g., using Range retrievals) one can still
have undetected errors.  This is why I speculated that Content-MD5
is "not even particularly useful" ... it's end-to-end as far
as the HTTP messages go, but it's not end-to-end as far as the
actual documents (or whatever) are concerned.

More grist for Digest-NG, perhaps.

Received on Thursday, 8 January 1998 11:34:48 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC