- From: Robert Sayre <rsayre@mozilla.com>
- Date: Thu, 31 Jan 2008 08:25:58 +0000
- To: ietf-http-wg@w3.org
- Message-Id: <E115FFBC-0067-4648-A28A-ED5FA7ADDCD9@mozilla.com>
> Alternate wording: > > "Additionally, implementation experience has shown that in some > cases, especially those involving large requests or responses such > as streams, I don't think that "in some cases" is appropriate. auth-int is basically unimplemented. We can argue about why that is, so perhaps the "because" could be changed to "One reason is...". > the message integrity mode is impractical because it requires servers > to analyze the full request before determining whether message > integrity has been violated and hence whether the request can be > processed." > > Analysis: > > In the case where the server knows nothing about the semantics of > the request or the capabilities of the server application, I believe > that it has no choice but to hold the request until it has > determined that nothing has tampered with it -- for both TLS and > auth-int. Servers need to be able to ignore message bodies from clients that don't know the shared secret. auth-int requires that the server buffer the entire request before determining that the client knows the shared secret. - Rob
Received on Thursday, 31 January 2008 09:35:11 UTC