Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-05.txt

Alessandro Ghedini <alessandro@ghedini.me> Fri, 05 April 2019 10:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OYmUvg1WWyfzqn-sdzVS6z_EJtY>

On Fri, Apr 05, 2019 at 03:03:27AM -0700, internet-drafts@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
> 
>         Title           : TLS Certificate Compression
>         Authors         : Alessandro Ghedini
>                           Victor Vasiliev
>         Filename        : draft-ietf-tls-certificate-compression-05.txt
>         Pages           : 7
>         Date            : 2019-04-05
> 
> Abstract:
>    In TLS handshakes, certificate chains often take up the majority of
>    the bytes transmitted.
> 
>    This document describes how certificate chains can be compressed to
>    reduce the amount of data transmitted and avoid some round trips.

This new version addresses the latest round of comments from both the session
at IETF 104 and various discussions on the list.

Changes include:

* Fix in the definition of CertificateCompressionAlgorithms.
* Clarifications on certain design decisions behind the spec.
* Definition of requirements on the allowed compression functions.
* Inclusion of code point for the zstd compression algorithm.

We think all of the outstanding issues have now been addressed, so WGLC maybe?

Cheers