- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Mon, 20 Feb 2017 15:33:27 +0100
- To: ietf-http-wg@w3.org
Given the fact that two people did not get how to find the padding delim
on decryption, I'd suggest something like the change below:
OLD:
Each record contains a single padding delimiter octet followed by any
number of zero octets. The last record uses a padding delimiter
octet set to the value 2, all other records have a padding delimiter
octet value of 1. A decrypter MUST fail if the unencrypted content
of a record is all zero-valued. A decrypter MUST fail if the last
record contains a padding delimiter with a value other than 2; a
decrypter MUST fail if any record other than the last contains a
padding delimiter with a value other than 1.
NEW:
Each record contains a single padding delimiter octet followed by any
number of zero octets. The last record uses a padding delimiter
octet set to the value 2, all other records have a padding delimiter
octet value of 1.
On decryption, the padding delimiter is defined to be the last non-
zero valued octet of the record. A decrypter MUST fail if the record
contains no non-zero octet. A decrypter MUST fail if the last record
contains a padding delimiter with a value other than 2 or if any
record other than the last contains a padding delimiter with a value
other than 1.
Best regards, Julian
Received on Monday, 20 February 2017 14:34:00 UTC