Security Considerations Regarding Compression Dictionaries

httpwg / admin

When you want to speak to the manager.

9 stars 15 forks source link

Security Considerations Regarding Compression Dictionaries #7

Open mnot opened 3 years ago

mnot commented 3 years ago

See draft-handte-httpbis-dict-sec.

mnot commented 3 years ago

Need to find someone to push this.

mnot commented 3 years ago

One thing it'd be good to get clarity on is whether we need an RFC detailing the security properties of dictionary compression, or just a working document to help us navigate the space when doing the actual work of standardising a mechanism.

@ekr @sleevi thoughts?