- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Fri, 11 Jul 2014 23:40:54 +1200
- To: Mark Nottingham <mnot@mnot.net>
- CC: ietf-http-wg@w3.org
On 11/07/2014 10:56 p.m., Mark Nottingham wrote: > > On 11 Jul 2014, at 8:05 pm, Amos Jeffries wrote: >>> >>> Roberto appears to be arguing that just because the routing >>> information might be in the last fragment, it isn't always; that's >>> pessimistic. If the necessary information is in the first, it can be >>> acted upon and then forwarded, reducing the buffers necessary to >>> serve this more optimistic case. >> >> I believe its optimistic to expect malicious coders will write the >> routing information in the last fragment if they find you have coded to >> assume it is in the first one(s). Even if the spec says only to send in >> the first fragment. > > Not following you here... > You said it was pessimistic to expect attack. I think coding mistakes and then attacks based on them are guaranteed to happen if the fragmentation decision is retained. Amos
Received on Friday, 11 July 2014 11:41:27 UTC