- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 21 Feb 2017 10:23:56 +1100
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
That's a good clarification. I have made the change to the editor's copy in 8e4976a8ebc. On 21 February 2017 at 01:33, Julian Reschke <julian.reschke@gmx.de> wrote: > Given the fact that two people did not get how to find the padding delim on > decryption, I'd suggest something like the change below: > > OLD: > > Each record contains a single padding delimiter octet followed by any > number of zero octets. The last record uses a padding delimiter > octet set to the value 2, all other records have a padding delimiter > octet value of 1. A decrypter MUST fail if the unencrypted content > of a record is all zero-valued. A decrypter MUST fail if the last > record contains a padding delimiter with a value other than 2; a > decrypter MUST fail if any record other than the last contains a > padding delimiter with a value other than 1. > > NEW: > > Each record contains a single padding delimiter octet followed by any > number of zero octets. The last record uses a padding delimiter > octet set to the value 2, all other records have a padding delimiter > octet value of 1. > > On decryption, the padding delimiter is defined to be the last non- > zero valued octet of the record. A decrypter MUST fail if the record > contains no non-zero octet. A decrypter MUST fail if the last record > contains a padding delimiter with a value other than 2 or if any > record other than the last contains a padding delimiter with a value > other than 1. > > Best regards, Julian >
Received on Monday, 20 February 2017 23:24:28 UTC