From owner-freebsd-arch Fri Mar 16 7:41:28 2001 Delivered-To: freebsd-arch@freebsd.org Received: from hand.dotat.at (inch.demon.co.uk [194.222.223.128]) by hub.freebsd.org (Postfix) with ESMTP id A82DA37B71D for ; Fri, 16 Mar 2001 07:41:26 -0800 (PST) (envelope-from fanf@dotat.at) Received: from fanf by hand.dotat.at with local (Exim 3.20 #3) id 14dm8d-00008p-00; Fri, 16 Mar 2001 04:46:55 +0000 Date: Fri, 16 Mar 2001 04:46:55 +0000 From: Tony Finch To: Terry Lambert Cc: freebsd-arch@FreeBSD.ORG Subject: Re: [PATCH] add a SITE MD5 command to ftpd Message-ID: <20010316044655.C385@hand.dotat.at> References: <20010314161555.A4984@Odin.AC.HMC.Edu> <200103150439.VAA01217@usr05.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200103150439.VAA01217@usr05.primenet.com> Organization: Covalent Technologies, Inc Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Terry Lambert wrote: > >The whole idea of HTTP protection like this is pretty inane, since >we've all already agreed, I think, that it's really only useful >for mirroring, or for offloading an MD5 calculation from my 800MHz >Pentium III laptop onto a big, ballsy 66MHz 486 FTP server. RFC 2616 section 14.15: [...] The Content-MD5 entity-header field, as defined in RFC 1864 [23], is an MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body. (Note: a MIC is good for detecting accidental modification of the entity-body in transit, but is not proof against malicious attacks.) [...] Tony. -- f.a.n.finch fanf@covalent.net dot@dotat.at To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message