Ignore:
Timestamp:
Jul 26, 2011, 8:53:04 AM (8 years ago)
Author:
ylafon@…
Message:

Added security consideration on range flooding (See #175)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p5-range.xml

    r1328 r1355  
    984984<section title="Security Considerations" anchor="security.considerations">
    985985<t>
    986    No additional security considerations have been identified beyond
    987    those applicable to HTTP in general &messaging;.
    988 </t>
     986   This section is meant to inform application developers, information
     987   providers, and users of the security limitations in HTTP/1.1 as
     988   described by this document. The discussion does not include
     989   definitive solutions to the problems revealed, though it does make
     990   some suggestions for reducing security risks.
     991</t>
     992<section title="Overlapping Ranges" anchor="overlapping.ranges">
     993<t>
     994   Range requests containing overlapping ranges may lead to the situation
     995   where a server is sending far more data than the size of the complete
     996   resource representation.
     997</t>
     998</section>
    989999</section>
    9901000
     
    16931703<section title="Since draft-ietf-httpbis-p5-range-15" anchor="changes.since.15">
    16941704<t>
    1695   None.
     1705  Closed issues:
     1706  <list style="symbols">
     1707    <t>
     1708      <eref target="http://trac.tools.ietf.org/wg/httpbis/trac/ticket/175"/>:
     1709      "Security consideration: range flooding"
     1710    </t>
     1711  </list>
    16961712</t>
    16971713</section>
Note: See TracChangeset for help on using the changeset viewer.