W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: hpack static table question?

From: Greg Wilkins <gregw@intalio.com>
Date: Mon, 2 Jun 2014 21:18:03 +0200
Message-ID: <CAH_y2NG-N8-R_UZg7i2FV2kpZzeNTDBNKJQ7988D-1bTSApgVg@mail.gmail.com>
To: Roberto Peon <grmocg@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>

that clause from 3.1.3 is clear enough in what an impl must do, I just
don't see how it achieve a limit on the reference set size.

Consider a setup that has a small header table size that will fit just a
single field into in.  This decoder then receives a header frame that
contains a reference to header 4 (static :path:/).  This is copied into the
header table at index 1 (evicting anything else that was in there) and is
added to the reference set.  Now say that the rest of the header frame is
full of many many duplicates of a reference to index 1.  For each reference
another entry is made into the reference set pointing to the copied static
entry.    This can continue for ever and represents unlimited growth of the
reference set.

If this kind of duplicate attack is not a problem, then I don't think we
need to limit the size of the reference set, because without such
duplicates, then every entry in the reference set is going to be much
smaller than each entry in the header set.   Thus a limit on the header set
size is effectively a limit on the reference set size, without the need to

So either I'm still missing something or this a complex mechanism that does
not achieve what it is intended to do.


Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.
Received on Monday, 2 June 2014 19:18:32 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC