On Fri 2015-07-24 07:28:53 -0400, Ben Laurie wrote:
> On Thu, 23 Jul 2015 at 20:59 Salz, Rich <[email protected]> wrote:
>> Steve raised issue of exposing what certs a client is interested in if
>> size of get-entries can shrink to one, for example.
>
> My response was omitted: this doesn't matter so long as the client
> continues to request entries until it has all the ones it originally
> decided to fetch.
as a concrete example, if a client says "give me entries from 1000 to
2000" while knowing it actually only wants entry 1223, and the server
dribbles them back one at a time instead of 1000 at a time, then the
client which stops at 1223 has effectively lost privacy.
If the client continues with the next 777 fetches anyway, then it should
be identical privacy-wise to the initial request (albeit at a likely
higher expense in terms of latency and network traffic)
--dkg
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
