Re: Signatures and Authentication information must go at end of meesage. from hallam@w3.org on 1996-02-08 (ietf-http-wg@w3.org from January to March 1996)

From: <hallam@w3.org>
Date: Thu, 08 Feb 96 13:26:42 -0500
To: Ian Duncan <id@cc.mcgill.ca>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Cc: hallam@w3.org
Message-Id: <9602081826.AA04449@zorch.w3.org>

>With several well-designed protocols ambient to handle this particular
>application anyone who jams HTTP around the problem, I really might enjoy
>imagining fates worse than simple predictable failure.

I had the application running two years ago using a modified HTTP. I used MIME 
encapsulation with explicit content-lengths. The chunking mechanism is 
preferable in that it is much lighter weight.

I don't see why we shouldn't look to make HTTP as general as possible. The MIME 
encapsulation has nothing to recommend it, not even much of a user base. MIME is 
designed to work through broken gateways. HTTP is intentionaly designed to 
require gateways to be 8 bit clean.


>And I'd thought with all those fine modern physicists working there that
>Oxford would have finally left 19th C. methods of modelling the universe
>behind. As Ned Freed and Jeff Mogul generously explained, unintentionally
>spitting out any very large random number is significantly smaller than
>other more harmful sources of noise in the system. 

As a certain NASDAQ quoted company recently discovered it can be difficult to 
induce random behaviour in a computer system. Computers are very deterministic 
systems and unfortunately few provide any access to the randomess of the  
quantum principles on which they are built. 

Consider the following Gotcha proceedure:

Fred needs to create a MIME boundary, he hashes the URI of the request with MD5. 
Unfortunately the document includes an MD5 of its URI.

Stop pretending that you are generating "random" boundaries. You are not, you 
are simply applying a deterministic proceedure which results in an even 
distribution of outcomes. The same inputs produce the same outputs however.

Any reasonable proceedure for generating a boundary is likely to find itself 
repeated by chance. Given the difficulty people have in generating randomness 
for situations where they know it to be critical I'm none too confident of their 
ability to generate it when they don't understand the importance.


I understand fully the intention of the "proof", it is the axioms which I 
reject. Specifically the belief that a computer system generates events with 
disjoint probabilities. 


	Phill

Received on Thursday, 8 February 1996 10:30:23 UTC