W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [XHR] chunked requests

From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 20 Dec 2011 12:06:28 -0800
Message-ID: <CABcZeBNXD4apewvcZtpfQ_F=m+=j4ePN-9SaS9P_QsavDnwarQ@mail.gmail.com>
To: Anne van Kesteren <annevk@opera.com>
Cc: public-webapps@w3.org
On Tue, Dec 20, 2011 at 9:36 AM, Anne van Kesteren <annevk@opera.com> wrote:
> On Sun, 18 Dec 2011 13:12:57 +0100, Eric Rescorla <ekr@rtfm.com> wrote:
>>
>> Sorry, I forgot to mention the 1/n+1 splitting countermeasure in my
>> response.
>>
>> With that said, this isn't TLS 1.1, but rather a specific, more
>> backwards-compatible countermeasure. It's fine for the security
>> considerations section to say here that browsers must do either TLS 1.1 or
>> 1/n+1 splitting, but it should say something, since it's not like 1/n+1
>> splitting is required by TLS (any version).
>
>
> Who's in charge of updating TLS?

Me.


> Surely this should be patched in the base
> specification rather than in every API that interacts with it. I do not want
> to make the life of the guy implementing XMLHttpRequest more difficult if
> the problem is supposed to be addressed at the TLS layer anyway.

The problem was addressed at the TLS layer 5 years ago when we issued
TLS 1.1.

-Ekr
Received on Tuesday, 20 December 2011 20:07:40 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:49 GMT