Re: [TLS] WG Call for adoption of draft-ghedini-tls-certificate-compression

Russ Housley <housley@vigilsec.com> Wed, 17 May 2017 16:00 UTC

From: Russ Housley <housley@vigilsec.com>
Date: Wed, 17 May 2017 11:54:20 -0400
Cc: IETF TLS <tls@ietf.org>
To: Sean Turner <sean@sn3rd.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5LcsvWVtE96iYAFI7SegzCjSyAk>

I support adoption, and I am willing to review.

I note that this document defines the Certificate structure as:

      struct {
          uint24 uncompressed_length;
          opaque compressed_certificate_message<1..2^24-1>;
      } Certificate;

However, the current TLS 1.3 already defines a Certificate structure as:

      struct {
          opaque certificate_request_context<0..2^8-1>;
          CertificateEntry certificate_list<0..2^24-1>;
      } Certificate;

I think the one in this document should be renamed.

Russ



> On May 16, 2017, at 8:52 AM, Sean Turner <sean@sn3rd.com> wrote:
> 
> All,
> 
> At the IETF 98 meeting in Chicago, there was support in the room to adopt https://datatracker.ietf.org/doc/draft-ghedini-tls-certificate-compression/. We are looking for feedback on adopting this draft from the list. Please respond if you support the draft and are willing to review it. If you object to its adoption, please let us know why. Please respond to the list by 20170530.
> 
> Cheers,
> 
> J&S
> 
> Apologies - we dropped the ball on this adoption call, the call should have gone out with the others.
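
Added example (not part of the message above or of either draft): Python decoding of the two structures that share the name Certificate, showing that they are different wire formats and that the declared uncompressed_length can bound decompression. zlib as the compression algorithm and the `max_len` cap are assumptions, the function and helper names are hypothetical, and CertificateEntry is left opaque because its definition is not quoted in the message.

```python
import zlib

MAX_U24 = 2**24 - 1

class DecodeError(ValueError):
    """Raised when a message does not match the expected wire format."""

def _take(buf, off, n):
    if off + n > len(buf):
        raise DecodeError("truncated")
    return buf[off:off + n], off + n

def _vector(buf, off, len_bytes, lo, hi):
    # TLS variable-length vector: big-endian length prefix, then the body.
    raw, off = _take(buf, off, len_bytes)
    n = int.from_bytes(raw, "big")
    if not lo <= n <= hi:
        raise DecodeError("vector length out of range")
    return _take(buf, off, n)

def parse_compressed_certificate(msg, max_len=1 << 16):
    # Draft structure: uint24 uncompressed_length, then opaque<1..2^24-1>.
    raw, off = _take(msg, 0, 3)
    declared = int.from_bytes(raw, "big")
    body, off = _vector(msg, off, 3, 1, MAX_U24)
    if off != len(msg) or declared > max_len:  # max_len: assumed local policy
        raise DecodeError("trailing bytes or declared length above cap")
    d = zlib.decompressobj()  # zlib is an assumption, not stated in the message
    try:
        out = d.decompress(body, declared + 1)  # never inflate past the claim
    except zlib.error as exc:
        raise DecodeError("bad compressed data") from exc
    if len(out) != declared or not d.eof or d.unused_data:
        raise DecodeError("uncompressed_length does not match the data")
    return out

def parse_tls13_certificate(msg):
    # TLS 1.3 structure: opaque context<0..2^8-1>, certificate_list<0..2^24-1>.
    context, off = _vector(msg, 0, 1, 0, 2**8 - 1)
    cert_list, off = _vector(msg, off, 3, 0, MAX_U24)  # entries left opaque
    if off != len(msg):
        raise DecodeError("trailing bytes")
    return context, cert_list

# Constructed sample: empty context plus 40 placeholder bytes as the list.
INNER = b"\x00" + (40).to_bytes(3, "big") + b"\xaa" * 40
PACKED = zlib.compress(INNER)
OUTER = len(INNER).to_bytes(3, "big") + len(PACKED).to_bytes(3, "big") + PACKED
```

Passing `OUTER` straight to `parse_tls13_certificate` raises `DecodeError`, which is the practical consequence of two unrelated layouts carrying one name.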