- From: Matthew Kerwin <matthew@kerwin.net.au>
- Date: Sat, 19 Apr 2014 07:44:36 +1000
- To: HTTP Working Group <ietf-http-wg@w3.org>
Received on Friday, 18 April 2014 21:45:03 UTC
On 19 April 2014 07:33, David Morris <dwm@xpasc.com> wrote: > > > On Sat, 19 Apr 2014, Matthew Kerwin wrote: > > > > > The obvious simplification, then, would be to change the setting to > "accept gzip (yes/no)" (or replace the setting with a MUST support), and > remove the encoding field > > from the Data frame. > > > > This tends back towards the single gzip bit, which is alright, as long > as it is clear that the compression context applies only to that data frame. > > I've missed some of the discussion, but I can't imagine why you would > limit the compression context to a single data frame. Almost all of the discussion, apparently. If compression contexts can span DATA frames, then we open the protocol up to CRIME/BREACH attacks again, or else add extra complexity to limit it. It was also about limiting device's state commitment for connections (not maintaining compression contexts). -- Matthew Kerwin http://matthew.kerwin.net.au/
Received on Friday, 18 April 2014 21:45:03 UTC