Re: [TLS] TLS 1.3 - Support for compression to be removed
Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 25 September 2015 20:37 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 424F11A1C00 for <tls@ietfa.amsl.com>; Fri, 25 Sep 2015 13:37:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hIjxs2YW0fHd for <tls@ietfa.amsl.com>; Fri, 25 Sep 2015 13:37:26 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 190851A1BE6 for <tls@ietf.org>; Fri, 25 Sep 2015 13:37:25 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id D7EF128304A; Fri, 25 Sep 2015 20:37:23 +0000 (UTC)
Date: Fri, 25 Sep 2015 20:37:23 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20150925203723.GD21942@mournblade.imrryr.org>
References: <20150922132321.17789008.2591.24358@ll.mit.edu> <CAHOTMV+riEzyYQcDfh4mMRokivCD_6T=ErTKF+BP41xABWEG8A@mail.gmail.com> <56019B0F.3020208@trigofacile.com> <201509221423.38061.davemgarrett@gmail.com> <56019FEE.5010008@trigofacile.com> <a3e83d0bbb994343b6715c958422438f@ustx2ex-dag1mb1.msg.corp.akamai.com> <92D67610-81FD-4515-AFE6-910E8B4E0F44@gmail.com> <CAAF6GDcvkFXMWJ4Ef-QQdhhe0wOq9tbpkjDVho13tRW7JwpDzA@mail.gmail.com> <CAHOTMV+jB9N4AS60voE5pFNVaL6hJnOQDt5b3V-6k5GsByW3AQ@mail.gmail.com> <56059505.5000001@wizmail.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <56059505.5000001@wizmail.org>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/bVAbZthXQNnyoRQSHLYp_eE1vF0>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2015 20:37:28 -0000
On Fri, Sep 25, 2015 at 07:40:05PM +0100, Jeremy Harris wrote: > Why is it not possible for TLS1.3 to provide that same service > combination, but implemented by design in a layered fashion? TLS is correctly agnostic of semantic boundaries, in application data. For this to work, applications would need to be able to ask TLS to enable and disable compression at any time after the handshake, once some uncompressed or compressed data has gone by. This requires new application protocol verbs "STARTCOMPRESSION", "STOPCOMPRESSION", and underlying support in the TLS layer. A suitable application I/O library that supports pushing and popping protocol "modules" onto a raw I/O stream, would be a better vehicle for this than forcing dynamic compression support into TLS. -- Viktor.
- [TLS] TLS 1.3 - Support for compression to be rem… Alewa, Christos
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Kurt Roeckx
- Re: [TLS] TLS 1.3 - Support for compression to be… Loganaden Velvindron
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Geoffrey Keating
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Karthikeyan Bhargavan
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Thijs van Dijk
- Re: [TLS] TLS 1.3 - Support for compression to be… Simon Josefsson
- Re: [TLS] TLS 1.3 - Support for compression to be… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Stephen Farrell
- Re: [TLS] TLS 1.3 - Support for compression to be… Joseph Lorenzo Hall
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Stephen Farrell
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Benjamin Kaduk
- Re: [TLS] TLS 1.3 - Support for compression to be… Kurt Roeckx
- Re: [TLS] TLS 1.3 - Support for compression to be… Peter Gutmann
- Re: [TLS] TLS 1.3 - Support for compression to be… Colm MacCárthaigh
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Colm MacCárthaigh
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Björn Tackmann
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Nikos Mavrogiannopoulos
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeremy Harris
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… Yuhong Bao
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Viktor Dukhovni
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Roland Zink
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Daniel Kahn Gillmor
- Re: [TLS] TLS 1.3 - Support for compression to be… Ilari Liusvaara
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Yoav Nir
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Salz, Rich
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Thomson
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Thomson
- Re: [TLS] TLS 1.3 - Support for compression to be… Douglas Stebila
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Short, Todd
- Re: [TLS] TLS 1.3 - Support for compression to be… Geoffrey Keating
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Bill Frantz
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Jeffrey Walton
- Re: [TLS] TLS 1.3 - Support for compression to be… Tony Arcieri
- Re: [TLS] TLS 1.3 - Support for compression to be… Short, Todd
- Re: [TLS] TLS 1.3 - Support for compression to be… Eric Rescorla
- Re: [TLS] TLS 1.3 - Support for compression to be… Joseph Salowey
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Watson Ladd
- Re: [TLS] TLS 1.3 - Support for compression to be… Martin Rex
- Re: [TLS] TLS 1.3 - Support for compression to be… Dave Garrett
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… takamichi saito
- Re: [TLS] TLS 1.3 - Support for compression to be… Julien ÉLIE