W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: Support for gzip at the server #424

From: Willy Tarreau <w@1wt.eu>
Date: Fri, 14 Mar 2014 23:36:05 +0100
To: "William Chan (?????????)" <willchan@chromium.org>
Cc: Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20140314223605.GE18956@1wt.eu>
On Fri, Mar 14, 2014 at 03:22:01PM -0700, William Chan (?????????) wrote:
> Correct. But IIUC, the problem is the client doesn't know if there's a 1.0
> intermediary or backend in the path, or if the 2.0 gateway is willing to
> buffer (sounds crazy, but just for completeness I mentioned it). So the
> client can't assume gzip support at the peer, even though we suspect most
> would support it. Since we can't assume by default, I was thinking maybe we
> can assume by having the server/proxy explicitly declare support.

Another point is that I'm suspecting that gunzip on 2.0->1.x gateways will
be disabled because of seucrity issues. It's so much easy to exploit random
decompressors for size amplification that I'm having a hard time imagining
that this will remain enabled for a long time :-/

With an amplification ratio of 1000, you only need 1 Mbps upload to saturate
the Gig link of a gateway...

Received on Friday, 14 March 2014 22:38:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC