Re: Frame Length Restrictions from Martin Thomson on 2014-04-22 (ietf-http-wg@w3.org from April to June 2014)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 22 Apr 2014 09:51:03 -0700
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnVntjR-FFyn6Dwgn-HUio44GXOuiG_17Br=VAvd=R4zQQ@mail.gmail.com>

On 22 April 2014 08:39, Amos Jeffries <squid3@treenet.co.nz> wrote:
>> I can understand if there are END_SEGMENT flags in place that this
>> complicates things.  But completely-full frames with END_SEGMENT
>> should be a pathological case.
>
> My expectation is that we can cut these frames into two and place the
> END_SEGMENT only on the second frame.

Exactly.

But if you have a 16383 byte frame with END_SEGMENT, then your choices
for length on the wire are ==16391 or >=16399. There's no way to put
16392 octets on the wire.  I don't think that this is a major issue,
since you can be consistent and have both a 16376 byte limit and a new
frame for every END_SEGMENT byte.  Then the only leakage occurs when
END_SEGMENT is used selectively, based on whether there is content
that is sensitive/secret/etc...

Received on Tuesday, 22 April 2014 16:51:34 UTC