[Last-Call] Secdir last call review of draft-ietf-httpbis-sfbis-05

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Peter Yee
Review result: Ready

This is a somewhat exhaustive (exhausting) specification for creating and
handling HTTP Structured Fields. There's nothing cryptographic in here nor is
the document overtly related to security. It's really about specifying the
fields and being able to serialize and parse them. To that extent, parsing
implementation tends to be the problem. This document calls out potential DoS
issues with enormous fields, not always being able to correctly fail to parse a
field, and Display String sanitization concerns. I've nothing to add on top of
that, so I deem the document Ready.


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux