On Apr 03, Marek Marczykowski-Górecki wrote:
The idea is to verify if they are non-malicious, not necessary "correct". So, as soon you verify they conform to the expected format, you can drop "untrusted_" prefix.
Ah, gotcha.
Also, be careful about things like server sending too much or too little data.
Oof, my brain is blanking. Could you give some examples of what could happen if a server sent too much/little?
Thanks btw for all the help! Jason Phan -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20200403011217.vyw4ghxqwt2tp5ng%40macbook.local.