Re: h2 padding

On 4 September 2014 09:51, Roy T. Fielding <fielding@gbiv.com> wrote:

> We already have a paragraph somewhere that says padding should
> not be removed by an intermediary.  I have no problem with it also
> saying that secure intermediaries shouldn't reveal patterns within
> the content by writing them as distinct units when there is no need
> to do so, though I'd think such a thing would be defined by TLS itself.
>

I do have a problem with any text like this.  Writing scalable asynchronous
robust code is really difficult.  Adding in requirements that writing
patterns must not reveal anything about the content is an escalation in
complexity that I do not think is justified or even achievable.  Next we'll
be requiring constant time comparisons and other aspects.

It is just not reasonable to expect every HTTP2 implementation to be
hardened against these kinds of issues.  They have enough difficult
concerns to create scalable robust http infrastructure without needing to
meta analyse every algorithm to ensure that it does not reveal sizes or
frame boundaries in some fashion.

I cannot see how we are going to test that applications actually implement
such requirements anyway.  Do you fail a test if a TCP frame boundary
happens to fall on a h2 boundary?  Or is it a statistical test?  Without
wide testing, there is no certainty that such recommendations will be well
implemented, so applications that care about this will have to implement
their own solution at another layer.

regards

-- 
Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.

Received on Thursday, 4 September 2014 22:49:18 UTC