On Mon, Apr 21, 2014 at 3:22 PM, Martin Thomson <martin.thomson@gmail.com>wrote: > On 21 April 2014 14:56, Jeff Pinner <jpinner@twitter.com> wrote: > > Alternatively, and equally acceptable to me, would be to leave the 14-bit > > length field and further restrict the HTTP layer to only use 2^14 - 9 > bytes > > (to allow for 8 bytes of padding). > > I think perhaps you need to speak a little more about why reframing > doesn't work for you. > The goals here are: 1) achieve a desired (to-be-provided) frame length distribution 2) achieve this with the minimum amount of padding 3) achieve the desired distribution regardless of the input data stream The intend is not to avoid reframing, it's to avoid a discontinuity in the output distribution. With the current draft, I have to pad assuming that at some point I will receive a frame with the maximum application data size. This frame cannot be padded arbitrarily, it must have a minimum 8 bytes of padding since any padding requires splitting and so I must add a frame header. Now, if I operate under the assumption that an adversary can force my server to produce full size frames, then at any point the adversary can force my implementation to add at least 8 bytes of padding, revealing information about the targeted distribution. To prevent this, any padding distribution must pad by at least 8 bytes. Now, if this is acceptable, then it must be acceptable to always pad by at least 8 bytes. In which case the current padding implementation is overly complicated and we should just be padding via a PADDING frame (or perhaps two, one subject to flow control and one not). If this is not acceptable, then either the frame size has to increase or the allowable application size decrease.
Received on Monday, 21 April 2014 22:58:27 UTC