W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2012

Re: Getting (Officially) Started on HTTP/2.0

From: Eliot Lear <lear@cisco.com>
Date: Wed, 03 Oct 2012 08:29:46 +0200
Message-ID: <506BDB5A.3050406@cisco.com>
To: Amos Jeffries <squid3@treenet.co.nz>
CC: ietf-http-wg@w3.org
Amos,

On 10/3/12 3:54 AM, Amos Jeffries wrote:
>
> 4) I'll stick my neck out and voice it. Cross-request LZ compression
> needs to go.
>
> The other drafts proposed a few alternative options there, per-header
> differential add/replace/remove flags.
> IIRC Robert was working on something there as well?

I don't think you're sticking your neck out very far ;-)  Mike had sent
a message to this list about this issue on the 14th of September.  While
I could see some small potential for abuse within the same security
context, I would be more concerned if a dictionary were shared across
contexts, where one might have different properties or the risk of MITM
is elevated for one reason or another.  I didn't think either of these
scenarios was seriously considered in SPDY.  Am I not being paranoid enough?

Eliot
Received on Wednesday, 3 October 2012 06:30:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 3 October 2012 06:30:27 GMT