- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 12 Sep 2014 14:41:40 +0000
- To: Martin Thomson <martin.thomson@gmail.com>
- cc: "Buzonas, Steve" <sbuzonas@carnegielearning.com>, Julian Reschke <julian.reschke@gmx.de>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
-------- In message <CABkgnnWgA+cTwUcxF_kt1SQsmEz5X4=82G=do+3Vxtg24NaxZw@mail.gmail.com> , Martin Thomson writes: >On 11 September 2014 22:51, Buzonas, Steve ><sbuzonas@carnegielearning.com> wrote: >> Passing an MD5 sum won't really cut it either. Each hop could replace the value with whatever it decides to tack on. > >I think that the concern is accident here, not malice. That's my concern: How does the client know it got the right post-patch result ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 12 September 2014 14:42:09 UTC