W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2010

Re: proposal for issue #178

From: Adrien de Croy <adrien@qbik.com>
Date: Tue, 08 Jun 2010 00:17:45 +1200
Message-ID: <4C0CE369.90606@qbik.com>
To: Yves Lafon <ylafon@w3.org>
CC: Henrik Nordström <henrik@henriknordstrom.net>, ietf-http-wg@w3.org

On 4/06/2010 5:08 a.m., Yves Lafon wrote:
> On Mon, 17 May 2010, Henrik Nordström wrote:
>> I ask this because I see an alternative resolution to this problem by
>> defining Content-MD5 as MD5(full entity-body), and instead of ignoring
>> Content-MD5 in partial responses requiring clients to NOT merge 206
>> responses with conflicting Content-MD5, and instead if needed retry the
>> request without the Range specifier.
> I agree that those are the two major options, forbid the use of C-MD5 
> in 206, or explicitely say that it is only about the full content, but 
> will defeat the purpose of acting as a message integrity check...

I don't see any point in having an integrity check for a message 
containing only a partial range.  Surely you want to accumulate the 
entire entity by piecing together all the parts, and then you use the 
MD5 to check the total.

On that note I don't see any point in range extensions either, other 
than to make the job of intermediaries impossible.

Making the MD5 based on the entire entity gives a very simple test for a 
receiver.  If it gets any 206 response with a different C-MD5, it knows 
it's not a part of the same entity.  Similar to an ETag but with the 
benefit of being able to be used to verify integrity of the entire entity.

So I can see a clear value in making it based on entire content, and I 
can't see any value in making it the MD5 of the part.

Therefore it seems unnecessary to forbid it as an alternative to simply 
clarifying it.



Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Monday, 7 June 2010 12:19:08 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:53 UTC