W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

PONG (was Re: Why do DATA frames have padding?)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 7 May 2014 13:09:11 -0700
Message-ID: <CABkgnnWAQWo4gbw=3fnwvfiBd6HW=rzRCYSo53mU+vr3C6kx7A@mail.gmail.com>
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 7 May 2014 12:51, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> Heh -- sending a PING response without having gotten a PING in the first place (or yet, if it's in flight) has the potential to mess with many state machines....  That's an interesting attack.

Well, it is if you maintain state for PING like that.

More seriously, if you had not considered this option, it's
conceivable that others won't.  Is this something we need to patch in
the spec?
Received on Wednesday, 7 May 2014 20:09:38 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:30 UTC