David Benjamin
David Benjamin
Being able to specify starting nonce values definitely makes sense. That's a good way to reserve a couple points in the counter space for the MAC key or whatever. The...
Regarding the table: between [Alt-Svc](https://tools.ietf.org/html/rfc7838) and [SVCB/HTTPS](https://tools.ietf.org/html/draft-ietf-dnsop-svcb-https-02), the bad port list needs to be applied not just at URLs, but also at the endpoint we actually connect to. Otherwise any...
Got reminded of this recently and noticed there was this discussion point that is worth touching on: >> Is it reasonable to require CORS preflights for requests to non-allow-listed ports?...
To add to that, I think this bug may be based on a slightly mixed up premise. None of the reasons about early hints over HTTP/1.1 are related to browsers....
@bashi and @ricea FYI, regarding https://crrev.com/c/4603363
@christhompson
> So landing this will be blocked on me completing the server upgrade after all. Oof. In the likely event the upgrade makes it impossible to sign MD5, that's no...
Not having headers seems unlikely to work well, given how we expect BoringSSL to be used. You also don't usually expect to be able to use a library in C...
In parallel, I suppose I can start by upstreaming some changes to gradually take the hand-transcribed bindings closer to what bindgen would have generated. There are quite a few mistakes....
I don't think mandating that downstream specs talk about repetitions makes sense. A list is, well, a list. The default expectation is that repetitions are allowed. If you *don't* want...