Re: Padding for PUSH_PROMISE frames from Roberto Peon on 2014-02-14 (ietf-http-wg@w3.org from January to March 2014)

From: Roberto Peon <grmocg@gmail.com>
Date: Fri, 14 Feb 2014 14:13:37 -0800
To: Ryan Hamilton <rch@google.com>
Cc: Nicholas Hurley <hurley@todesschaf.org>, IETF HTTP WG <ietf-http-wg@w3.org>, Jeff Pinner <jpinner@twitter.com>
Message-ID: <CAP+FsNeoucHfNgTxp9AFvktLwya0P5T6b7NY1u7EVoUyvCrOVw@mail.gmail.com>

Consider? Sure, however the downside is that we lose information because we
have a minimum padding of 8 bytes instead of of minimum padding of 1 byte.
I believe that there would probably be interesting side-channel attacks
against the padding mechanism if it was always a minimum of 8 bytes unless
we added padding to 8-byte-boundaries to all frames..
.. and that would be a waste.

-=R


On Fri, Feb 14, 2014 at 2:11 PM, Ryan Hamilton <rch@google.com> wrote:

> Would it make sense to consider adding an explicit padding frame instead
> of adding padding *to* existing frames?
>
>
> On Fri, Feb 14, 2014 at 2:06 PM, Roberto Peon <grmocg@gmail.com> wrote:
>
>> Yup. Padding should be on any frame including a headers block, plus the
>> data frame.
>> -=R
>>
>>
>> On Fri, Feb 14, 2014 at 2:01 PM, Nicholas Hurley <hurley@todesschaf.org>wrote:
>>
>>> I thought about adding padding to everything, but like Roberto said, it
>>> gets even trickier to do correctly (i.e., without messing up the security
>>> properties), and it seems a little silly to me to add padding to a frame
>>> that has a constant size. Adding it to PUSH_PROMISE, though, allows hiding
>>> the true size of the promised headers, and makea processing of both that
>>> and HEADERS frames almost the same, conceivably simplifying  implementation.
>>>  I can see an argument for it but... meh. Padding is not a security
>>> feature unless it is used right. Adding it everywhere doesn't really help
>>> that, and opens up stuff even wider for abuse in the myriad cases where it
>>> has no real security benefit.
>>>
>>> -=R
>>>
>>>
>>> On Thu, Feb 13, 2014 at 9:39 PM, Jeff Pinner <jpinner@twitter.com>wrote:
>>>
>>>> Should we consider adding padding to all frames?
>>>>
>>>> We have two bits reserved at the beginning of the length field that we
>>>> could use for the two padding flags, independent of frame type.
>>>>
>>>>
>>>> On Thu, Feb 13, 2014 at 9:26 PM, Nicholas Hurley <hurley@todesschaf.org
>>>> > wrote:
>>>>
>>>>> All,
>>>>>
>>>>> Right now (as of draft-10), DATA, HEADERS, and CONTINUATION frames can
>>>>> contain padding to obscure the actual size of the data being sent. I
>>>>> believe it would make sense to also add the option for padding to
>>>>> PUSH_PROMISE frames, as they carry (pretty much) the same type of payload
>>>>> as HEADERS frames, and can benefit from padding in the same way.
>>>>>
>>>>> I can make a pull request if others think this is a good idea.
>>>>>
>>>>> Thoughts?
>>>>> -Nick
>>>>>
>>>>
>>>>
>>>
>>
>

Received on Friday, 14 February 2014 22:14:04 UTC