Re: [TLS] Certificate compression (a la QUIC) for TLS 1.3

Alessandro Ghedini <alessandro@ghedini.me> Sun, 27 November 2016 15:13 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/TPhE5h5y8EKgFYuueDD2MH_vOh4>

On Sat, Nov 26, 2016 at 11:42:20PM -0500, Victor Vasiliev wrote:
> I am currently trying to figure out how much of QUIC certificate
> compression can be adapted to work with TLS.  I will submit a draft as soon
> as I have a working prototype.

FWIW I too have started working on a prototype for gzip compressing certificates
based on BoringSSL:
https://github.com/ghedo/boringssl/tree/cert_compress

It's not complete yet and I only implemented compression so far based on what
Chromium does with QUIC. I also haven't really tested it yet (but at least it
builds AFAICT :) ).

I'd like to do some tests as well to measure the benefits of this (e.g.
download certificates from CT logs and see how effective the compression is).

I also started working on a draft for gzip compression of certificates at:
https://github.com/ghedo/tls-certificate-compression

Or that's the current scope anyway. Maybe it would also make sense to include
the full QUIC certificate caching part, but I didn't want to duplicate RFC7924.

My intention would be to use gzip-compressed certs on first connect, and then
use RFC7924 for consecutive handshakes.

The text is not complete and I haven't submitted it yet, though it would be
nice if we could work on the same draft together, in order to avoid duplicating
work (I can give you or anyone interested commit access to the repo).

Cheers