- From: Robert Sayre <rsayre@mozilla.com>
- Date: Wed, 06 Feb 2008 04:08:38 +0000
- To: Paul Leach <paulle@windows.microsoft.com>
- Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Received on Wednesday, 6 February 2008 08:48:46 UTC
On Feb 5, 2008, at 8:23 PM, Paul Leach wrote: > > “Digest includes many modes of operation, but only the simplest > modes enjoy any degree of interoperability. For example, most > implementations do not implement the mode that provides full message > integrity. Perhaps one reason is that implementation experience has > shown that in some cases, > especially those involving large requests or responses such as > streams, the message integrity mode is impractical because it > requires servers to analyze the full request before determining > whether the client knows the shared secret or whether message-body > integrity has been violated and hence whether the request can be > processed." I agree with the substance of this text. I find it a little hard to parse, but I trust the editors can remedy that. - Rob
Received on Wednesday, 6 February 2008 08:48:46 UTC