Re: [TLS] Confirmation of Consensus on Removing Compression from TLS 1.3
Eric Rescorla <ekr@rtfm.com> Sat, 26 April 2014 15:35 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAFDF1A04E9 for <tls@ietfa.amsl.com>; Sat, 26 Apr 2014 08:35:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ux-wP9XBtfVo for <tls@ietfa.amsl.com>; Sat, 26 Apr 2014 08:35:58 -0700 (PDT)
Received: from mail-wg0-f51.google.com (mail-wg0-f51.google.com [74.125.82.51]) by ietfa.amsl.com (Postfix) with ESMTP id E65CC1A01DA for <tls@ietf.org>; Sat, 26 Apr 2014 08:35:57 -0700 (PDT)
Received: by mail-wg0-f51.google.com with SMTP id z12so3576357wgg.10 for <tls@ietf.org>; Sat, 26 Apr 2014 08:35:50 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=QGTEsf7isGKg/9bcw6dMruImJwz1XTGX41bHR0khSnY=; b=DqYo1lDumK21K44I39R8E8+2kKEwE3qbi6sUw+gyzR3cZH04CytAvC0SiVsM6JKDFs gDQJoCjvbswT5bpW912ipt+njxftZ3g7gRP3E+DvOG4C5A4Dw4Fl+/xaB2yehDD3+0Ab rugAwdPlGVlDKoNvK5QA6XKNvfOpBL8ZWbx8Ko7nlbchTUHzLAQXTfH+ex4lkG7AF/9N 9Aq7emxSQVrQniQemKO4BDy0vT87OPctxqnbKZhJGuxpamnPNNWbYktXgpyYuYUB033U C+2ZjRBmQCadGUhY8egl7ri1N9XG55GiISfL8Hky/v8nZN3EqpvLqEWhZSBk4YbnOxTM P/mQ==
X-Gm-Message-State: ALoCoQnSeES/VnC/5fTb6KE6bs62oKiE6Bo3Iu3qFtm7JyN4ddIcoWnSAlCWMbhRbK0c4RGTtRWf
X-Received: by 10.194.187.107 with SMTP id fr11mr36988wjc.70.1398526550625; Sat, 26 Apr 2014 08:35:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.218.198 with HTTP; Sat, 26 Apr 2014 08:35:10 -0700 (PDT)
X-Originating-IP: [74.95.2.168]
In-Reply-To: <C490E2C7-6435-4483-9C82-89A9F00392F4@cisco.com>
References: <DA7A3139-EE44-4FE2-B674-4ECAE4D51079@cisco.com> <C490E2C7-6435-4483-9C82-89A9F00392F4@cisco.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 26 Apr 2014 08:35:10 -0700
Message-ID: <CABcZeBMuvQ0s+Rm9opdJZ8-f+=tHUd6wLoSDpF8C7cTfQG3yRg@mail.gmail.com>
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Content-Type: multipart/alternative; boundary="047d7bb03f604262f704f7f3d66b"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/ShFIidDSDjSHEUdVbxFF4yF_DLk
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Confirmation of Consensus on Removing Compression from TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Apr 2014 15:35:59 -0000
Acknowledged. I will prepare these changes (and those for the other two issues) as git pull requests and notify the list so that people can confirm that the changes accurately capture the consensus of the WG. -Ekr On Sat, Apr 26, 2014 at 8:24 AM, Joseph Salowey (jsalowey) < jsalowey@cisco.com> wrote: > We have strong confirmation of consensus to remove compression from TLS > 1.3. The Editor is requested to make the appropriate changes to the draft > on github. > > Joe > [For the chairs] > On Mar 26, 2014, at 11:42 AM, Joe Salowey <jsalowey@cisco.com> wrote: > > > The use of compression within TLS has resulted in vulnerabilities that > can be exploited to disclose TLS encrypted application data. The > consensus in the room at IETF-89 was to remove compression from TLS 1.3 to > remove this attack vector. If you have concerns about this decision please > respond on the TLS list by April 11, 2014. > > > > Thanks, > > > > Joe > > [Speaking for the TLS chairs] > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] Confirmation of Consensus on Removing Compr… Joseph Salowey (jsalowey)
- Re: [TLS] Confirmation of Consensus on Removing C… Yaron Sheffer
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Thomson
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Paterson, Kenny
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Watson Ladd
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Joachim Strömbergson
- Re: [TLS] Confirmation of Consensus on Removing C… Alyssa Rowan
- Re: [TLS] Confirmation of Consensus on Removing C… Richard Hartmann
- Re: [TLS] Confirmation of Consensus on Removing C… Peter Gutmann
- Re: [TLS] Confirmation of Consensus on Removing C… Karthikeyan Bhargavan
- Re: [TLS] Confirmation of Consensus on Removing C… Bill Frantz
- Re: [TLS] Confirmation of Consensus on Removing C… Joseph Salowey (jsalowey)
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla