draft-ietf-httpbis-digest-headers-11, "6.3. Usage in Signatures"

Hi there,

 > Signatures are likely to be deemed an adversarial setting when
applying Integrity fields; see Section 5. Using signatures to protect
the checksum of an empty representation allows receiving endpoints to
detect if an eventual payload has been stripped or added.

I understand the case where a representation was *added* (where
previously it was empty). But the opposite case?

Best regards, Julian

Received on Sunday, 12 March 2023 13:08:23 UTC