Re: Expiration impending: <draft-nottingham-http-patch-status-00.txt> from Poul-Henning Kamp on 2014-09-12 (ietf-http-wg@w3.org from July to September 2014)

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 12 Sep 2014 14:41:40 +0000
To: Martin Thomson <martin.thomson@gmail.com>
cc: "Buzonas, Steve" <sbuzonas@carnegielearning.com>, Julian Reschke <julian.reschke@gmx.de>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <73828.1410532900@critter.freebsd.dk>

--------
In message <CABkgnnWgA+cTwUcxF_kt1SQsmEz5X4=82G=do+3Vxtg24NaxZw@mail.gmail.com>
, Martin Thomson writes:
>On 11 September 2014 22:51, Buzonas, Steve
><sbuzonas@carnegielearning.com> wrote:
>> Passing an MD5 sum won't really cut it either. Each hop could replace the value with whatever it decides to tack on.
>
>I think that the concern is accident here, not malice.

That's my concern:  How does the client know it got the right post-patch
result ?

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 12 September 2014 14:42:09 UTC