Re: plain text protocol [was: Re: Performance analysis questions]

hallam@dxal18.cern.ch (HALLAM-BAKER Phillip)

Mail folder: WWW Talk Apr 94-present
Next message: Ari Luotonen: "WIT - W3 Interactive Talk"
Previous message: Andrew Payne: "Re: plain text protocol [was: Re: Performance analysis questions] "

Errors-To: listmaster@www0.cern.ch
Date: Sun, 5 Jun 1994 21:44:45 +0200
Errors-To: listmaster@www0.cern.ch
Message-id: <9406051942.AA01260@dxal18.cern.ch>
Errors-To: listmaster@www0.cern.ch
Reply-To: hallam@dxal18.cern.ch
Originator: www-talk@info.cern.ch
Sender: www-talk@www0.cern.ch
Precedence: bulk
From: hallam@dxal18.cern.ch (HALLAM-BAKER Phillip)
To: Multiple recipients of list <www-talk@www0.cern.ch>
Subject: Re: plain text protocol [was: Re: Performance analysis questions]
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas

In article <7235@cernvm.cern.ch> you write:

|>>> Suppose, in the future, we want to be able to take the md5 checksum of
|>>> the HTTP headers. If you corrupt the bytes by throwing away whitespace
|>>> at the end of a line, you defeat such efforts.
|>>
|>>	You're saying that HTTP is  -not-  a plain text protocol.
|>>	If it's not a plain text protocol,  then GET should have been
|>>something like  (in C):
|>>
|>>		sprintf(GET_REQUEST,"%c%s",0x01,URL)
|>
|>
|>What is a "plain text protocol"?  If you answer, please be very, very
|>precise.
|>
|>HTTP depends on reliable, 8-bit transport.  The fact that HTTP has byte
|>sequences that spell out English words has no implication on other aspects
|>of the protocol.

The security extensions have been designed specifically to ensure that headers
can be MD5'd. A signed header consists of two parts, one that is signed and
another that is unsigned. So a gateway must preserve absolutely the signed
parts but can add in extra bits into the unsigned portion (eg going through
a gateway).


--
Phillip M. Hallam-Baker

Not Speaking for anyone else.