Re: [TLS] TLS 1.3 - Support for compression to be removed

Jeffrey Walton <noloader@gmail.com> Thu, 08 October 2015 16:56 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/UFDJKGPhr3uAlmY28S_sbypVdrk>

On Thu, Oct 8, 2015 at 12:53 AM, Tony Arcieri <bascule@gmail.com> wrote:
> On Wed, Oct 7, 2015 at 9:43 PM, Eric Rescorla <ekr@rtfm.com> wrote:
>>
>> Yes, this is what I believe it says and what I believe the WG had
>> consensus on, the reasoning being that we really wished to just remove
>> the feature entirely. If the chairs declare consensus on something else,
>> I will of course edit it to say something else.
>
>
> I think it would be prudent for the chairs to give some sort of judgment on
> this issue, given the high volumes of mailing list traffic created by a
> small number of detractors despite what is otherwise a rough consensus

That's kind of a loaded request.

We would need to know the security goals and objectives to ensure
things are progressing as expected. As far as I know, they are not
stated anywhere.

For example, if a goal is to ensure TLS is trouble free and does not
get egg on its face, then the goal is met by removing compression
altogether. If the goal is to ensure TLS users are safe, then the
result will likely fail to meet expectation because there will be
1,000's of incorrect, 1-off solutions.

The failed goal assumes not everyone RTFM's, which I think is
reasonable given past history. I can't help but feel if RTFM was going
to work, it would have happened in the last 30 or 50 years or so.

Jeff