Re: [TLS] TLS 1.3 - Support for compression to be removed

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Sat, 03 October 2015 17:55 UTC

Return-Path: <ilari.liusvaara@elisanet.fi>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACEB31B2FF4 for <tls@ietfa.amsl.com>; Sat, 3 Oct 2015 10:55:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ona6O7wcE9DW for <tls@ietfa.amsl.com>; Sat, 3 Oct 2015 10:55:17 -0700 (PDT)
Received: from emh06.mail.saunalahti.fi (emh06.mail.saunalahti.fi [62.142.5.116]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A43C91B371E for <tls@ietf.org>; Sat, 3 Oct 2015 10:55:16 -0700 (PDT)
Received: from LK-Perkele-VII (a91-155-194-207.elisa-laajakaista.fi [91.155.194.207]) by emh06.mail.saunalahti.fi (Postfix) with ESMTP id 8308969974; Sat, 3 Oct 2015 20:55:13 +0300 (EEST)
Date: Sat, 03 Oct 2015 20:55:13 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Message-ID: <20151003175512.GA26293@LK-Perkele-VII>
References: <20151002162424.63B871A2BA@ld9781.wdf.sap.corp> <87a8s0549t.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <87a8s0549t.fsf@alice.fifthhorseman.net>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/JWevhmmmXZOyE3WBgKnBh_L6XcQ>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Oct 2015 17:55:19 -0000

On Sat, Oct 03, 2015 at 12:02:38PM -0400, Daniel Kahn Gillmor wrote:
> On Fri 2015-10-02 12:24:24 -0400, Martin Rex wrote:
> 
> > But the collateral damage is that you break stuff that feeds on the
> > outer record layer structure and state, which can easily push adoption
> > of TLSv1.3 from the 5-years-spec-to-usage for TLSv1.2 to the
> > 15-years-spec-to-marginal-use seen with IPv6.
> 
> Can you enumerate the stuff you expect to break from encrypted content
> type that will cause a decade-long delay in adoption?  It would be great
> to have a list of those things so we can evaluate them.

I personally would expect that anything that would be broken by content
type encryption is already broken by fixing the handshake (it has a number
of known flaws).

That version number field that has absolutely no use in encrypted records
is still there... For compatibility.

Also, new user protocols (like TLS) are much much easier to deploy than
new addressing protocols (like IPv6).

And the stuff that breaks... Probably some badly done "middleware" in
"enterprise" environment.


-Ilari
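The two record-layer points made in this message, the real content type moving inside the encrypted payload and the vestigial version field staying in the outer header, as an added example that is not part of the thread. It follows the TLSCiphertext / TLSInnerPlaintext layout of the final RFC 8446 (Section 5.2), not the 2015 draft under discussion, and leaves out AEAD encryption: the `placeholder_seal`/`placeholder_open` pair only appends and strips a dummy tag so the framing round-trips offline. The function names are this example's own.

```python
"""TLS 1.3 encrypted-record framing (RFC 8446, Section 5.2), framing only.

What a middlebox sees on the wire is the 5-byte outer header:
  opaque_type           = application_data (23), always
  legacy_record_version = 0x0303, always, and ignored by receivers
  length
The real content type lives at the end of the encrypted payload, after the
content and before optional zero padding.
"""
import struct

APPLICATION_DATA = 23
HANDSHAKE = 22
ALERT = 21
LEGACY_RECORD_VERSION = 0x0303          # fixed on the wire for compatibility only
MAX_INNER_PLAINTEXT = 2**14 + 1         # content + type byte, padding included
MAX_ENCRYPTED_RECORD = 2**14 + 256      # inner plaintext + AEAD expansion
TAG_LEN = 16


def build_inner_plaintext(content: bytes, content_type: int, padding: int = 0) -> bytes:
    """TLSInnerPlaintext = content || type || zeros[padding]."""
    if not 0 < content_type <= 255:
        raise ValueError("content type must be a non-zero byte")
    inner = content + bytes([content_type]) + b"\x00" * padding
    if len(inner) > MAX_INNER_PLAINTEXT:
        raise ValueError("record_overflow: inner plaintext exceeds 2^14 + 1 bytes")
    return inner


def parse_inner_plaintext(inner: bytes):
    """Strip trailing zero padding; the last non-zero byte is the content type.

    Content bytes may themselves be zero: the non-zero type byte separates
    them from the padding. An all-zero payload has no type at all and the
    RFC requires an unexpected_message alert in that case."""
    end = len(inner)
    while end > 0 and inner[end - 1] == 0:
        end -= 1
    if end == 0:
        raise ValueError("unexpected_message: no content type in inner plaintext")
    return inner[end - 1], inner[:end - 1]


def build_record(encrypted_record: bytes) -> bytes:
    """TLSCiphertext = opaque_type(23) || 0x0303 || uint16 length || payload."""
    if len(encrypted_record) > MAX_ENCRYPTED_RECORD:
        raise ValueError("record_overflow")
    header = struct.pack("!BHH", APPLICATION_DATA, LEGACY_RECORD_VERSION, len(encrypted_record))
    return header + encrypted_record


def parse_record(buf: bytes):
    """Return (opaque_type, legacy_version, encrypted_record, remaining_bytes).

    This is the whole view an outer-layer observer gets: the type is
    always 23 and the version is always 0x0303, whatever is inside."""
    if len(buf) < 5:
        raise ValueError("short header")
    opaque_type, legacy_version, length = struct.unpack("!BHH", buf[:5])
    if length > MAX_ENCRYPTED_RECORD:
        raise ValueError("record_overflow")
    if len(buf) < 5 + length:
        raise ValueError("truncated record")
    return opaque_type, legacy_version, buf[5:5 + length], buf[5 + length:]


def placeholder_seal(inner: bytes) -> bytes:
    """NOT encryption: stands in for AEAD-Encrypt so the framing round-trips here."""
    return inner + b"\xff" * TAG_LEN


def placeholder_open(encrypted_record: bytes) -> bytes:
    """NOT decryption: strips the dummy tag added by placeholder_seal."""
    if len(encrypted_record) < TAG_LEN or encrypted_record[-TAG_LEN:] != b"\xff" * TAG_LEN:
        raise ValueError("bad_record_mac")
    return encrypted_record[:-TAG_LEN]


def send(content: bytes, content_type: int, padding: int = 0) -> bytes:
    """Frame one record: inner plaintext -> (placeholder) seal -> outer header."""
    return build_record(placeholder_seal(build_inner_plaintext(content, content_type, padding)))


def receive(buf: bytes):
    """Undo send(): returns (real_content_type, content, remaining_bytes)."""
    opaque_type, legacy_version, enc, rest = parse_record(buf)
    if opaque_type != APPLICATION_DATA:
        raise ValueError("unexpected_message: outer type must be application_data")
    # legacy_version is deliberately not checked: receivers MUST ignore it.
    content_type, content = parse_inner_plaintext(placeholder_open(enc))
    return content_type, content, rest


if __name__ == "__main__":
    # Constructed sample: a handshake message padded to hide its length.
    wire = send(b"\x08\x00\x00\x02\x00\x00", HANDSHAKE, padding=10)
    print("outer header sees:", parse_record(wire)[:2])    # (23, 0x0303)
    print("receiver recovers:", receive(wire)[:2])         # (22, b'\x08\x00\x00\x02\x00\x00')
```

The padding loop runs to the last non-zero byte, so a record whose content ends in zero bytes (the constructed handshake message above) still parses correctly; an all-zero inner plaintext is the one malformed case and is rejected rather than silently treated as empty application data.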