W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Content-Integrity header

From: Nico Williams <nico@cryptonector.com>
Date: Wed, 11 Jul 2012 16:55:57 -0500
Message-ID: <CAK3OfOgf9CFzdEe6r82dD0r2YByaGzn3d1C08=Q7bvStXovfBg@mail.gmail.com>
To: "Ludin, Stephen" <sludin@akamai.com>
Cc: Yutaka OIWA <y.oiwa@aist.go.jp>, Amos Jeffries <squid3@treenet.co.nz>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Wed, Jul 11, 2012 at 4:36 PM, Ludin, Stephen <sludin@akamai.com> wrote:
> On 7/10/12 10:04 PM, "Yutaka OIWA" <y.oiwa@aist.go.jp> wrote:
>>To this extent, re-requesting the broken chunk is personally out of
>>my interest.  This may need discussion, because it may affect
>>the design of inter-chunk chaining of integrity signatures.
>
> This was where I started when I began looking into corruption issues in
> downloaded objects.  What we discovered is that in a large enough sample
> size, such as what we see at Akamai, random bit shifting that manages to
> still get by the TCP chucksum happens regularly enough this feature is of
> high interest.  I actually see this as relatively useless for content
> forgery cases because, as mentioned elsewhere in this thread, the forger
> would probably simply change the digest to match the forgery.  The
> digesting feature in general is an act-of-nature (or act of bad hardware /
> software) detection mechanism, and building in an efficient recover
> mechanism seem to be a reasonable step.

We had a bad NIC on a router or fileserver (can't remember which) at
Sun once that produced lots of errors, most of which were caught by
checksums, but occasionally there were two bits flipped at just the
right distance from each other that all checksums in the stack checked
out.  This ended up manifesting itself as a corrupted SCCS file.
Scary!

Nico
--
Received on Wednesday, 11 July 2012 21:56:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 11 July 2012 21:56:26 GMT