Re: Change to padding in encryption -- enabling random access

Martin Thomson <martin.thomson@gmail.com> Mon, 30 January 2017 06:31 UTC

To: "Manger, James" <James.H.Manger@team.telstra.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/CABkgnnU2vrvpBv_nDGRDEP5VUsAhqVamSZufnFsgU67FA2rODw@mail.gmail.com>

On 30 January 2017 at 17:04, Manger, James
<James.H.Manger@team.telstra.com> wrote:
> Padding is in-band even when the encryptor doesn't want to use any, so an in-band signal that there is no earlier padding doesn't feel like complexity that is out-of-place.

That would be true if you consider the random access use case to be
common enough to justify any complexity at all.