- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Wed, 03 Sep 2014 23:33:26 +1200
- To: ietf-http-wg@w3.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 3/09/2014 6:15 p.m., Brian Smith wrote: > On Tue, Sep 2, 2014 at 11:07 PM, Brian Smith wrote: >> I actually think it is worth evaluating whether the padding >> mechanism is practically useful as a security mechanism as >> specified and with the above issues addressed. Has anybody >> actually used frame padding to solve a real-world problem yet? >> Has anybody tried to write a terrible-but-conforming >> implementation that effectively undoes all the protection that >> padding is supposed to offer? It seems likely that the answer to >> both questions is "no." > > Also, what is a HTTP1.1 <-> HTTP/2 proxy supposed to do with > padding? Gateway itself and 1.1 representation is a non-issue. Chunked encoding trailers are available to relay padding after each DATA chunk. What happens *inside* the 1.1-only hops is the big issue. The gateway may need to use a CONNECT tunnel to communicate directly to the server over 1.1 hop(s). Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUBvyGAAoJELJo5wb/XPRjZGYH/iVs84CI7Ogv5IB9gjwqjCIF c5WdvTCqUyE9hE8rreGPS7JfBRCU5kbmJF3W8tZwA56NpLlplB7JprO0rpR2Vpm7 /OcXaYf1HpNRF/D5CV4iSYOMBMDto/R6zt0bzJ1t5zQvSvgjcDENqA/1qex+BIBX ueQRPr8fgpdJSUxUb0TqyuBr+91L77R+9UvdME0SC7Ws9xSsqcZKaYkGJVHs/MA7 9PcveysDM9OKdznD4Yp2X7Ugsdm7CMQoInHwhDLEa6nUPMlAM4eDtVC+CT3NpDhz Xsldc4OY4ZKNmkbUnL4o84PqK1xLpg2OXBkVWSW3UhegdTZngtwncRET2BC4/J8= =Ogmf -----END PGP SIGNATURE-----
Received on Wednesday, 3 September 2014 11:34:01 UTC