incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Damien Katz (JIRA)" <j...@apache.org>
Subject [jira] Commented: (COUCHDB-558) Validate Content-MD5 request headers on uploads
Date Mon, 02 Nov 2009 23:08:59 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12772742#action_12772742
] 

Damien Katz commented on COUCHDB-558:
-------------------------------------

Robert is correct, MD5 is fine for validating integrity, and as far as I know, it's the only
hash function that's standardized in HTTP.

For fully secure, unspoofable transmission, SSL is the way to go anyway.

> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>
>                 Key: COUCHDB-558
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-558
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Database Core, HTTP Interface
>            Reporter: Adam Kocoloski
>             Fix For: 0.11
>
>
> We could detect in-flight data corruption if a client sends a Content-MD5 header along
with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field
> http://www.faqs.org/rfcs/rfc1864.html

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message