W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [XHR] chunked requests

From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 20 Dec 2011 12:06:28 -0800
Message-ID: <CABcZeBNXD4apewvcZtpfQ_F=m+=j4ePN-9SaS9P_QsavDnwarQ@mail.gmail.com>
To: Anne van Kesteren <annevk@opera.com>
Cc: public-webapps@w3.org
On Tue, Dec 20, 2011 at 9:36 AM, Anne van Kesteren <annevk@opera.com> wrote:
> On Sun, 18 Dec 2011 13:12:57 +0100, Eric Rescorla <ekr@rtfm.com> wrote:
>> Sorry, I forgot to mention the 1/n+1 splitting countermeasure in my
>> response.
>> With that said, this isn't TLS 1.1, but rather a specific, more
>> backwards-compatible countermeasure. It's fine for the security
>> considerations section to say here that browsers must do either TLS 1.1 or
>> 1/n+1 splitting, but it should say something, since it's not like 1/n+1
>> splitting is required by TLS (any version).
> Who's in charge of updating TLS?


> Surely this should be patched in the base
> specification rather than in every API that interacts with it. I do not want
> to make the life of the guy implementing XMLHttpRequest more difficult if
> the problem is supposed to be addressed at the TLS layer anyway.

The problem was addressed at the TLS layer 5 years ago when we issued
TLS 1.1.

Received on Tuesday, 20 December 2011 20:07:40 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:37 UTC