Re: Header compression integrity

Martin Thomson <martin.thomson@gmail.com> Sun, 28 July 2013 07:53 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F033421F9B60 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 28 Jul 2013 00:53:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.121
X-Spam-Level:
X-Spam-Status: No, score=-10.121 tagged_above=-999 required=5 tests=[AWL=0.478, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Soac1wFpxBNw for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 28 Jul 2013 00:52:55 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id C30C921F9D93 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 28 Jul 2013 00:52:49 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1V3Llv-0008VS-58 for ietf-http-wg-dist@listhub.w3.org; Sun, 28 Jul 2013 07:52:07 +0000
Resent-Date: Sun, 28 Jul 2013 07:52:07 +0000
Resent-Message-Id: <E1V3Llv-0008VS-58@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1V3Lll-0008Uh-IR for ietf-http-wg@listhub.w3.org; Sun, 28 Jul 2013 07:51:57 +0000
Received: from mail-wg0-f49.google.com ([74.125.82.49]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1V3Lli-0005Rk-LO for ietf-http-wg@w3.org; Sun, 28 Jul 2013 07:51:57 +0000
Received: by mail-wg0-f49.google.com with SMTP id y10so3410224wgg.16 for <ietf-http-wg@w3.org>; Sun, 28 Jul 2013 00:51:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=8ErP2jWb5DLdbd06TmuO0nJenlpe2PStBrVSqPqhQjw=; b=QoatPTe7KSakg3r3mKeM3mEgwmEx5MaUSKUjfboZ0pAGDaUyFwOuv4gpWfZGgRsEUr yWZ3x0dAJlxbrjJCWXAgk7mP1N50MZFotJFnANCK8DfTzPdG1ks0dswdi+35nK9oJEgc a0Ikbwm7ZDGCLW6ULfYyvZSAksd4J+I1fhSMq5aZF1XgDSEj2WmutYYTpv4xna+0mbq/ FNwnDft5+9zl/DYIBeJZE9BDdtubohWoREWgRa6vxjwkypY1O9Lglt91LmfIm8fNqusF KfP3OyeMzno5oi4WLFzwkHmTCRh0EX8c3jwtmgs3LDPrECTpT35qJ4JvA8TY8u+b82Jp U4oA==
MIME-Version: 1.0
X-Received: by 10.180.83.163 with SMTP id r3mr3753598wiy.10.1374997885793; Sun, 28 Jul 2013 00:51:25 -0700 (PDT)
Received: by 10.194.60.46 with HTTP; Sun, 28 Jul 2013 00:51:25 -0700 (PDT)
In-Reply-To: <CAPyZ6=K8a=LqVZPq28Kmc=aoPjU4FSX+p2t_B8itFLHuBUerQQ@mail.gmail.com>
References: <CAPyZ6=K8a=LqVZPq28Kmc=aoPjU4FSX+p2t_B8itFLHuBUerQQ@mail.gmail.com>
Date: Sun, 28 Jul 2013 00:51:25 -0700
Message-ID: <CABkgnnXRtr0XrAL+g1rekxQsW1wNDiQ7r-VmKmGGGVG0Yw98-Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Content-Type: text/plain; charset=UTF-8
Received-SPF: pass client-ip=74.125.82.49; envelope-from=martin.thomson@gmail.com; helo=mail-wg0-f49.google.com
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.736, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1V3Lli-0005Rk-LO f2e09d28ce0be333a2588a5fadcfbeda
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Header compression integrity
Archived-At: <http://www.w3.org/mid/CABkgnnXRtr0XrAL+g1rekxQsW1wNDiQ7r-VmKmGGGVG0Yw98-Q@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18939
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 27 July 2013 20:56, Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> wrote:
> I think it would be good to add some kind of integrity checking against
> uncompressed header sets(e.g., parity, hash, etc).

This is an interesting suggestion.  Perhaps our initial
interoperability testing will allow us to discover how likely this is
going to be.  The only thing that bothers me is the eviction scheme,
but the -01 draft seems to be clear enough.  If things get more
complex, or we discover problems, then maybe a sanity check might be
appropriate.