- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Wed, 3 Sep 2014 15:45:59 -0700
- To: Brian Smith <brian@briansmith.org>
- Cc: "Roy T. Fielding" <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 3 September 2014 15:31, Brian Smith <brian@briansmith.org> wrote: > But, draft 14 doesn't say that. Woah nelly, we don't mandate that for a number of reasons. Firstly, because of what Roberto said. Sometimes padding is added for the purposes of enhancement. For instance, we might have two backends that might perform their own padding, but there might be resources from each of those that we want to ensure are indistinguishable. A reverse proxy can add padding to ensure that. That sort of additive padding only increases the size of the anonymity set, which can't be worse (though it may not be better, certainly.) Similarly, a proxy serving many clients might want to prevent length-based correlation between client-side and origin-server-side exchanges by adding padding. We don't want to prohibit those cases. Generally speaking, the people making the changes know better than we do. Therefore, we use a SHOULD and recommend that intermediaries not remove padding. > So, we have to assume some implementations will choose to split > the data stream at the frame boundary. Let us be very careful to distinguish between potentially more secure because we are providing the necessary tools and more secure even when people do the wrong thing. We're not aiming for the latter here.
Received on Wednesday, 3 September 2014 22:46:27 UTC