- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 12 Mar 2023 14:08:07 +0100
- To: ietf-http-wg@w3.org
Hi there, > Signatures are likely to be deemed an adversarial setting when applying Integrity fields; see Section 5. Using signatures to protect the checksum of an empty representation allows receiving endpoints to detect if an eventual payload has been stripped or added. I understand the case where a representation was *added* (where previously it was empty). But the opposite case? Best regards, Julian
Received on Sunday, 12 March 2023 13:08:23 UTC