Re: [TLS] TLS 1.3 - Support for compression to be removed

Bill Frantz <> Thu, 08 October 2015 04:56 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 7B2261A87D1 for <>; Wed, 7 Oct 2015 21:56:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.1
X-Spam-Status: No, score=0.1 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id whbj_KtQTai3 for <>; Wed, 7 Oct 2015 21:56:55 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 27FE11A87C9 for <>; Wed, 7 Oct 2015 21:56:55 -0700 (PDT)
Received: from [] (helo=Williams-MacBook-Pro.local) by with esmtpa (Exim 4.67) (envelope-from <>) id 1Zk3G0-0005fU-B9; Thu, 08 Oct 2015 00:56:44 -0400
Date: Wed, 07 Oct 2015 21:56:39 -0700
From: Bill Frantz <>
To: Eric Rescorla <>
X-Priority: 3
Message-ID: <r422Ps-1075i-FD656F4366714CB39980C4DB5730AF82@Williams-MacBook-Pro.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Mailsmith 2.3.1 (422)
X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec790b946754916f504b1429c7f144c1b5d0350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
Archived-At: <>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 08 Oct 2015 04:56:56 -0000

On 10/8/15 at 9:43 PM, (Eric Rescorla) wrote:

>Yes, this is what I believe it says and what I believe the WG had consensus
>on, the reasoning being that we really wished to just remove the feature
>entirely. If the chairs declare consensus on something else, I will of
>course edit
>it to say something else.

I would love to support compression, but I don't hear any of the 
proponents suggesting a way to support compression that is 
immune to the the attacks that have already been fielded. With 
nothing safe on the table, I think compression has to be kicked 
up a layer.

It is possible to think of a parallel layer to TLS which only 
does compression and offers no secrecy features. This facility 
may solve the NNTP problem, but I am not qualified to say 
whether it can solve that problem or not. In any case, such a 
facility  may have many features in common with TLS, including a 
compatible initial negotiation, but it would not be a privacy 
protocol. It could include integrity.

Cheers - Bill

Bill Frantz        | Truth and love must prevail  | Periwinkle
(408)356-8506      | over lies and hate.          | 16345 
Englewood Ave |               - Vaclav Havel | Los Gatos, 
CA 95032