Repair security considerations section
This commit is contained in:
parent
b43d372014
commit
9ee59562a1
|
@ -274,10 +274,6 @@ symbols, `a` and `b`, is
|
||||||
|
|
||||||
## Security Considerations
|
## Security Considerations
|
||||||
|
|
||||||
**Annotations.** In modes where a `Value` is being read while
|
|
||||||
annotations are skipped, an endless sequence of annotations may give an
|
|
||||||
illusion of progress.
|
|
||||||
|
|
||||||
**Overlong varints.** The binary format allows (but discourages)
|
**Overlong varints.** The binary format allows (but discourages)
|
||||||
overlong [varint](#varint)s. Because every `Repr` has a bound on its
|
overlong [varint](#varint)s. Because every `Repr` has a bound on its
|
||||||
length from its surrounding context, this is not a denial-of-service
|
length from its surrounding context, this is not a denial-of-service
|
||||||
|
@ -285,6 +281,10 @@ vector *per se*; however, implementations may wish to consider optional
|
||||||
restrictions on the number of redundant leading `0` bytes accepted when
|
restrictions on the number of redundant leading `0` bytes accepted when
|
||||||
reading a varint.
|
reading a varint.
|
||||||
|
|
||||||
|
**Overlong SignedIntegers.** Similarly, implementations may wish to
|
||||||
|
consider optional restrictions on the number of redundant leading `0xFF`
|
||||||
|
or `0x00` bytes accepted when reading a `SignedInteger`.
|
||||||
|
|
||||||
**Canonical form for cryptographic hashing and signing.** No canonical
|
**Canonical form for cryptographic hashing and signing.** No canonical
|
||||||
textual encoding of a `Value` is specified. A
|
textual encoding of a `Value` is specified. A
|
||||||
[canonical form][canonical] exists for binary encoded `Value`s, and
|
[canonical form][canonical] exists for binary encoded `Value`s, and
|
||||||
|
|
Loading…
Reference in New Issue