W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Stuck in a train -- reading HTTP/2 draft.

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 16 Jun 2014 19:52:15 -0700
Message-ID: <CABkgnnVQASb30igrKY3TcF6Xp750ZENd6LDh7mHd5VZmrd_+-Q@mail.gmail.com>
To: Matthew Kerwin <matthew@kerwin.net.au>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On Jun 16, 2014 6:49 PM, "Matthew Kerwin" <matthew@kerwin.net.au> wrote:
> I am not a security person, and this is purely spit-balling, but how
about a hybrid? First n bytes must be <sentinel value, maybe zeroes>,
remainder is random/ignored.‚Äč That way you get to detect bad packing, but
also hopefully get to mess with known-plaintext stuff. However it's more
words and more code, and I have no idea if it's worth it.

The other thing to note I'd that if you actually have IND-CCA (look it up,
you need it, it's foundational), then you are dealing with the possibility
that plaintext is all x for any value of x. And I try not to be inventive
when it comes to security mechanisms.

Yes, it is the case that padding has been attacked, but I'm inclined to
trust that TLS can handle this one.
Received on Tuesday, 17 June 2014 02:52:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC