Re: [TLS] TLS 1.3 - Support for compression to be removed
Joseph Salowey <joe@salowey.net> Fri, 09 October 2015 17:20 UTC
Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 125661B48E3 for <tls@ietfa.amsl.com>; Fri, 9 Oct 2015 10:20:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_51=0.6, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xll1xBQXHUBl for <tls@ietfa.amsl.com>; Fri, 9 Oct 2015 10:20:48 -0700 (PDT)
Received: from mail-lb0-f170.google.com (mail-lb0-f170.google.com [209.85.217.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CB491B48F1 for <tls@ietf.org>; Fri, 9 Oct 2015 10:20:45 -0700 (PDT)
Received: by lbcao8 with SMTP id ao8so88810754lbc.3 for <tls@ietf.org>; Fri, 09 Oct 2015 10:20:43 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=GvvoXhLtOE0jRxIMpOrbunII7/wfn70NNP+GOrGHFhU=; b=gBhAocPCMwgtB5V85vroaN6leCFhpYydJeLIA7RPFKlLMdrLlA7AA1+gNyhyFbscts EgT+PY5bOlh0Xf+VhBvkvevBjOahOzTUhdSLAxp4ER9SBC5RsghQBqv+kRdwRFfWqKMn vlKOWkmECUq41IWjwhczApcrFoXAAiu7+Bq57NqXjtz8eYq1pAe8Ev9qW6P2815iw8NO omsVv8s21cNvqvH3q7ARo5CdCpnxAsbD77ByOjCv3b0fjj49DErxtTNZtqjiKOcV1tOQ UmTxFgWohj0vLzDLfWEtf79tyjje+NGIh6XO01OEf23CMPs2cUlHFOw9gsEGNUNl4AM9 +qRA==
X-Gm-Message-State: ALoCoQliamQ1b0nW96lDDoN41iWrPDtnDIUsoIxiP0oR8nWj3BBe8rwST70cvJsudUAdXWcFNFTN
MIME-Version: 1.0
X-Received: by 10.112.210.129 with SMTP id mu1mr7265725lbc.68.1444411243389; Fri, 09 Oct 2015 10:20:43 -0700 (PDT)
Received: by 10.112.2.231 with HTTP; Fri, 9 Oct 2015 10:20:43 -0700 (PDT)
In-Reply-To: <CABcZeBPK-mYuY1rFXUnKQNPhbUss4gz_+AR33A8f9Orw36bDrg@mail.gmail.com>
References: <CABcZeBNkePGEhTyZs6_7dtnyiP5cVKkcSUzcD-NspZti2-MVPg@mail.gmail.com> <20151008212255.D1F431A2CF@ld9781.wdf.sap.corp> <CABcZeBPK-mYuY1rFXUnKQNPhbUss4gz_+AR33A8f9Orw36bDrg@mail.gmail.com>
Date: Fri, 09 Oct 2015 10:20:43 -0700
Message-ID: <CAOgPGoAYBsr7FsACe1bF0VKs_x+uS+kA_LO9b7xrg6fKGVUuwQ@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c31e4c127d9b0521af33fc"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/A_LkNPWZavKLFo0HC79nnDCCzzY>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2015 17:20:50 -0000
The chairs have read through this thread and do not see any new information that would cause the working group to reconsider the decision to remove compression from TLS 1.3. Discussions about clarifying the language and intent of the document are OK. Thanks, J&S On Thu, Oct 8, 2015 at 6:42 PM, Eric Rescorla <ekr@rtfm.com> wrote: > > > On Thu, Oct 8, 2015 at 11:22 PM, Martin Rex <mrex@sap.com> wrote: > >> Eric Rescorla wrote: >> > Short, Todd <tshort@akamai.com> wrote: >> >> >> >> However, for those ClientHello?s that support older versions, the >> >> compression_method field may contain other values. This means that if a >> >> TLSv1.3 client happened to support compression for TLSv1.2, it would be >> >> unable to negotiate that via a single ClientHello. There?s no way to >> >> attempt to negotiate TLSv1.2+compression and TLSv1.3+no-compression in >> a >> >> single ClientHello. >> >> Yup, that is the problem with the current text. > > > Thanks for clarifying this. > > >> >> >> > >> >> In effect, the document is stating that a TLSv1.3 client MUST NOT >> support >> >> compression, regardless of the protocol version that may be negotiated. >> > >> > Yes, this is what I believe it says and what I believe the WG had >> consensus >> > on, the reasoning being that we really wished to just remove the feature >> > entirely. If the chairs declare consensus on something else, I will of >> > course edit it to say something else. >> >> The current text is trying to force a specific policy in a fashion >> that is in the worst conceivable violation of rfc2119 section 6 that >> is possible. >> >> A ClientHello with >> >> ClientHello.client_version = (3,3) >> ClientHello.compression_methods = (1,0) >> >> will be interoperable with TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3 servers. >> >> >> ClientHello.client_version = (3,4) >> ClientHello.compression_methods = (1,0) >> >> will be interoperable with TLSv1.0, TLSv1.1 and TLSv1.2 servers, >> but TLSv1.3 servers that follow the stupid idea will choke and >> abort with an "illegal_parameter" alert. >> >> Essentially, the current wording is calling for a newly creating what >> must be called a "compression method intolerance" -- but essentially >> it is indistinguishable from a "TLS version intolerance" > > > Hmm... I'm not sure I follow this argument. We have a bunch of rules for > how TLS 1.3 clients MUST behave and TLS 1.3 servers will choke if > they don't. This doesn't create any present interop problem and only > creates a problem if in future we wish to reintroduce compression. > Is that your concern? > > > >> For a number of years, it seemed to have been consensus in the IETF TLS WG >> that TLS version intolerance is an implemenattion defect and a real >> problem. >> It would be sad if the current TLS WG would confirm that recklessly adding >> handshake failure causing new intolerances into TLSv1.3 is the new >> engeneering approach. > > > As I said, I edited the document in conformance with what I believed the > chair declaration of WG consensus was. If the WG consensus is to remove > this requirement, then I will of course do so. So, rather than going back > and > forth, I would suggest that the best way for you to proceed here is to: > > 1. Ask the chairs to re-state the previous consensus. If I misunderstood, > then that's > easy. > 2. If you're still not happy, then you could ask the chairs to re-assess > the currnet > consensus. > 3. If you're still not happy, and you believe this violates 2119, then you > can of > course appeal. > > This of course also goes for people who think we should re-allow > compression. > > Best, > -Ekr > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
- [TLS] TLS 1.3 - Support for compression to be rem… Alewa, Christos
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Kurt Roeckx
- Re: [TLS] TLS 1.3 - Support for compression to be… Loganaden Velvindron
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Geoffrey Keating
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Karthikeyan Bhargavan
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Thijs van Dijk
- Re: [TLS] TLS 1.3 - Support for compression to be… Simon Josefsson
- Re: [TLS] TLS 1.3 - Support for compression to be… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Stephen Farrell
- Re: [TLS] TLS 1.3 - Support for compression to be… Joseph Lorenzo Hall
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Stephen Farrell
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Benjamin Kaduk
- Re: [TLS] TLS 1.3 - Support for compression to be… Kurt Roeckx
- Re: [TLS] TLS 1.3 - Support for compression to be… Peter Gutmann
- Re: [TLS] TLS 1.3 - Support for compression to be… Colm MacCárthaigh
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Colm MacCárthaigh
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Björn Tackmann
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Nikos Mavrogiannopoulos
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeremy Harris
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… Yuhong Bao
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Roland Zink
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Ilari Liusvaara
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Thomson
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Thomson
- Re: [TLS] TLS 1.3 - Support for compression to be… Douglas Stebila
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Short, Todd
- Re: [TLS] TLS 1.3 - Support for compression to be… Geoffrey Keating
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Short, Todd
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Joseph Salowey
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE