Re: Server Push Error Codes from Martin Thomson on 2016-08-24 (ietf-http-wg@w3.org from July to September 2016)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 24 Aug 2016 20:08:38 +1000
To: Emily Shepherd <emily@emilyshepherd.me>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnUnEcWYFKzONdaggBPvLJC+G4JYNWtb1M=y_31+fda6jg@mail.gmail.com>

On 24 August 2016 at 19:04, Emily Shepherd <emily@emilyshepherd.me> wrote:
> I agree. I can't see a reason being specific in error conditions could ever
> be a bad thing.

There were a few times in TLS when overly specific error reporting
created an oracle that could be used to break the protocol.  Though
maybe HTTP is safe from that.

Received on Wednesday, 24 August 2016 10:09:06 UTC