Stefan Fuhrmann wrote on Mon, May 02, 2016 at 07:19:34 +0200: > On 30.04.2016 02:47, Daniel Shahaf wrote: > >Does any third-party tool make that optimization? > > Such a tool would probably ignore checksums altogether > because there is no point in explicitly ignoring them > for empty files only.
I thought a reader could, if a "Content-Length: 0" header was present, hardcode the EXPECTED_MD5 value to d41d8cd98f00b204e9800998ecf8427e instead of reading it from the Checksum-MD5 header. It's not possible to do this optimization for any non-zero Content-Length, and it still provides the reader with assurance of transport integrity of the payload itself. What this optimization doesn't provide is assurance against certain bugs in the dump producer, e.g., against a bug whereby the correct payload and checksum, but incorrect Content-Length header, would be written, *and* the payload would look like whatever the dumpstream parser expects to follow an empty payload. What's the worst-case failure mode of this optimization, then? So far, I haven't come up with a failure mode that's both likely and worse than a parse error on the next node. Cheers, Daniel (by "payload" I mean the byte string whose md5 and length are in the dump node headers)
