- From: Willy Tarreau <w@1wt.eu>
- Date: Fri, 14 Mar 2014 23:36:05 +0100
- To: "William Chan (?????????)" <willchan@chromium.org>
- Cc: Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
On Fri, Mar 14, 2014 at 03:22:01PM -0700, William Chan (?????????) wrote: > Correct. But IIUC, the problem is the client doesn't know if there's a 1.0 > intermediary or backend in the path, or if the 2.0 gateway is willing to > buffer (sounds crazy, but just for completeness I mentioned it). So the > client can't assume gzip support at the peer, even though we suspect most > would support it. Since we can't assume by default, I was thinking maybe we > can assume by having the server/proxy explicitly declare support. Another point is that I'm suspecting that gunzip on 2.0->1.x gateways will be disabled because of seucrity issues. It's so much easy to exploit random decompressors for size amplification that I'm having a hard time imagining that this will remain enabled for a long time :-/ With an amplification ratio of 1000, you only need 1 Mbps upload to saturate the Gig link of a gateway... Willy
Received on Friday, 14 March 2014 22:38:03 UTC