Re: [TLS] Confirmation of Consensus on Removing Compression from TLS 1.3 (Martin Rex) Thu, 27 March 2014 00:04 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E8CF21A0406 for <>; Wed, 26 Mar 2014 17:04:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.552
X-Spam-Status: No, score=-5.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, J_BACKHAIR_57=1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DlxORhB-YQPf for <>; Wed, 26 Mar 2014 17:04:34 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id F17071A03FE for <>; Wed, 26 Mar 2014 17:04:33 -0700 (PDT)
Received: from by (26) with ESMTP id s2R04Vlg004504 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 27 Mar 2014 01:04:31 +0100 (MET)
In-Reply-To: <>
To: Eric Rescorla <>
Date: Thu, 27 Mar 2014 01:04:31 +0100 (CET)
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <>
From: (Martin Rex)
X-SAP: out
Cc: "" <>
Subject: Re: [TLS] Confirmation of Consensus on Removing Compression from TLS 1.3
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 27 Mar 2014 00:04:36 -0000

Eric Rescorla wrote:
> This is more an http issue than a tls issue but we pretty much have
> to go with the Web we have which includes (restricted) cross origin
> requests subject to the same origin policy.

Eric, in principle I'm with you.  The TLS WG needs to take into account
real world usage scenarios or it will cease to be a useful technology.

But we are having a real problem that folks a looking at TLS to be
"magic pixie dust", and the perception that any apps or protocol design,
no matter what design flaws it has, will automatically become secure
by adding TLS to it.

I don't see a solution for the disclosing authentication (=passwords)
at the human<->machine interface, not even on the horizon.

But the disclosing authentication on pure machine<->machine interfaces
(including "SSL Cookies") provides ample opportunity for new security
problems, and I'm seeing that TLS channel encryption is (ab)used to
excuse the continued use of disclosing authentication on what is
pure machine<->machine interfaces, and that train is heading in
the wrong direction.