Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-05.txt

John Mattsson <john.mattsson@ericsson.com> Fri, 05 April 2019 11:04 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Jeremy Harris <jgh@wizmail.org>, "tls@ietf.org" <tls@ietf.org>
Date: Fri, 5 Apr 2019 11:03:58 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7Eeuyj-o6qHfZevD_EAJINIKaCw>

If fragmentation is used on some layer, lowering the number of bytes can definitely reduce the number of round-trips. This should probably be explained a bit more.

If used in any of the TLS-based EAP methods, the use of compression may even be needed to make the handshake complete at all, as many access points drop EAP connections after 40-50 packets.
https://tools.ietf.org/html/draft-ms-emu-eaptlscert-02

John

-----Original Message-----
From: TLS <tls-bounces@ietf.org> on behalf of Jeremy Harris <jgh@wizmail.org>
Date: Friday, 5 April 2019 at 12:35
To: "TLS@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-05.txt

    On 05/04/2019 11:03, internet-drafts@ietf.org wrote:
    >    In TLS handshakes, certificate chains often take up the majority of
    >    the bytes transmitted.
    > 
    >    This document describes how certificate chains can be compressed to
    >    reduce the amount of data transmitted and avoid some round trips.
    
    Reducing the number of bytes (and possibly packets) is a good thing,
    but how does this reduce roundtrips?
    -- 
    Thanks,
      Jeremy
    
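The fragmentation point in the reply above, as an added example that is not part of the original thread: it counts the extra round trips a fragmenting layer such as EAP-TLS spends on a certificate chain before and after compression. The 1000-byte fragment size, the constructed stand-in chain (not real DER) and the use of zlib as the compressor are assumptions.

```python
import hashlib
import math
import zlib

FRAGMENT_BYTES = 1000  # assumed usable payload per EAP-TLS fragment


def constructed_cert(index: int) -> bytes:
    """Constructed stand-in for one certificate (not real DER)."""
    # Name, policy and URL fields repeat across a chain and compress well.
    text = (
        b"C=XX, O=Constructed Example CA, OU=Network Access, CN=ca.example.invalid;"
        b"http://crl.example.invalid/ca.crl;http://ocsp.example.invalid/;"
    ) * 6
    # Public keys and signatures look random and do not compress (512 bytes here).
    seed = b"constructed-cert-%d" % index
    random_like = b"".join(
        hashlib.sha256(seed + bytes([i])).digest() for i in range(16)
    )
    return text + random_like


def fragments(nbytes: int, fragment_bytes: int = FRAGMENT_BYTES) -> int:
    """Number of fragments needed to carry nbytes."""
    return math.ceil(nbytes / fragment_bytes)


def fragment_round_trips(nbytes: int, fragment_bytes: int = FRAGMENT_BYTES) -> int:
    """In EAP-TLS the peer acknowledges every fragment that has more to follow,
    so each fragment except the last costs one additional round trip."""
    return max(fragments(nbytes, fragment_bytes) - 1, 0)


def compare(n_certs: int) -> dict:
    """Round trips spent on fragmentation for a raw vs. compressed chain."""
    chain = b"".join(constructed_cert(i) for i in range(n_certs))
    packed = zlib.compress(chain, 9)
    assert zlib.decompress(packed) == chain  # compression must be lossless
    return {
        "raw_bytes": len(chain),
        "compressed_bytes": len(packed),
        "raw_round_trips": fragment_round_trips(len(chain)),
        "compressed_round_trips": fragment_round_trips(len(packed)),
    }


if __name__ == "__main__":
    for n in (2, 4, 8):
        print(n, compare(n))
```

Only the certificate chain bytes are modelled; the rest of the handshake flight adds to both columns equally.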