W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [XHR] chunked requests

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 20 Dec 2011 18:36:24 +0100
To: "Eric Rescorla" <ekr@rtfm.com>
Cc: public-webapps@w3.org
Message-ID: <op.v6stuyev64w2qv@annevk-macbookpro.local>
On Sun, 18 Dec 2011 13:12:57 +0100, Eric Rescorla <ekr@rtfm.com> wrote:
> Sorry, I forgot to mention the 1/n+1 splitting countermeasure in my  
> response.
>
> With that said, this isn't TLS 1.1, but rather a specific, more
> backwards-compatible countermeasure. It's fine for the security  
> considerations section to say here that browsers must do either TLS 1.1  
> or 1/n+1 splitting, but it should say something, since it's not like  
> 1/n+1 splitting is required by TLS (any version).

Who's in charge of updating TLS? Surely this should be patched in the base  
specification rather than in every API that interacts with it. I do not  
want to make the life of the guy implementing XMLHttpRequest more  
difficult if the problem is supposed to be addressed at the TLS layer  
anyway.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Tuesday, 20 December 2011 17:36:54 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:49 GMT