- From: Greg Wilkins <gregw@intalio.com>
- Date: Fri, 5 Sep 2014 11:43:38 +1000
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAH_y2NF3N+OQPZwd5-7jzME-RnQE3Vn2XZKm5xNj5Np=zDhEiw@mail.gmail.com>
On 5 September 2014 11:36, Martin Thomson <martin.thomson@gmail.com> wrote: > On 4 September 2014 17:22, Greg Wilkins <gregw@intalio.com> wrote: > > Are there any examples of security padding that can be applied by the > > framing layer? > > Oh, that, and the word "automatic" suggest that you are asking for > something that is simply not possible. You need information to pass > from the application to the framing layer in order to enact any > sensible changes. > So the supplementary question is, what applications care enough about security padding but cannot pad by any other means than tunnelling that care down to the framing layer of a specific protocol? Do we have any security use-cases that are enabled by the availability of padding in the framing layer? Automatic padding had been suggested by others, but I agree with you: that is an impossible use-case? cheers -- Greg Wilkins <gregw@intalio.com> http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales http://www.webtide.com advice and support for jetty and cometd.
Received on Friday, 5 September 2014 01:44:07 UTC