Menu
I was just wondering, in the HTTP 1.1 specifications, there is a field Content-MD5. However, since HTTP ride atop TCP/IP in the entire OSI Stack, and given that TCP/IP has a Header Checksum to ensure that all data transmitted is checked, I am curious as to why the need for a Content-MD5 in the HTTP 1.1 specifications? Did I misunderstand or miss out something?
For the HTTP/1.1 header specs I referred to:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.15
For the TCP/IP specs I referred to section 3.1 at:
http://www.ietf.org/rfc/rfc791.txt
To me, by adding the Content-MD5 in the HTTP header, we're just adding more work to be done at the server. Why not just use the mechanisms that TCP/IP already provides?
Cheers and thanks to all in advance :)
775
The HTTP content MD5 value is independently useful.
The TCP checksum is pretty weak, and given the amount of data transmitted on the Internet, it is quite likely that there are silent failures of the TCP checksum value.
If you really care, however, you want to use something stronger, like TLS.
174
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
