IETF Logo Mail Archive

Re: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 08 April 2020 13:29 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2B953A08B5; Wed, 8 Apr 2020 06:29:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=JUxd0aNT; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=JUxd0aNT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rPPLRNl1esJQ; Wed, 8 Apr 2020 06:29:42 -0700 (PDT)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on20610.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1a::610]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C78AC3A08B2; Wed, 8 Apr 2020 06:29:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tMGdBfbxP6DbfpEyTF6H+3T9GPezvwy8RivVOTIgg4w=; b=JUxd0aNT1L2dAAK1g06+yD3gY76jyfSSucHnSjfnH45WI+NHX8dvCryD6U6UZgu1Xtn/PpOZbuOdlAnqDnvnF+ahcDmw97B+mcdTGxTpi/aRvTvvyhBGMpCNswVVq1x+ukIB8oGObpI7YqiqpqTY8Rc2OTaqLT29+Tkb664G8Nc=
Received: from AM0P190CA0022.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:190::32) by AM5PR0801MB1857.eurprd08.prod.outlook.com (2603:10a6:203:4e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.15; Wed, 8 Apr 2020 13:29:38 +0000
Received: from VE1EUR03FT052.eop-EUR03.prod.protection.outlook.com (2603:10a6:208:190:cafe::3a) by AM0P190CA0022.outlook.office365.com (2603:10a6:208:190::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.15 via Frontend Transport; Wed, 8 Apr 2020 13:29:38 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT052.mail.protection.outlook.com (10.152.19.173) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2856.17 via Frontend Transport; Wed, 8 Apr 2020 13:29:37 +0000
Received: ("Tessian outbound eadf07c3b4bb:v50"); Wed, 08 Apr 2020 13:29:37 +0000
X-CR-MTA-TID: 64aa7808
Received: from 5165e4a73be1.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 04AC9452-8B02-40CD-9B10-BCE23A5F3C52.1; Wed, 08 Apr 2020 13:29:32 +0000
Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 5165e4a73be1.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Wed, 08 Apr 2020 13:29:32 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NIw41vm9H+SvSVfAVNxAAlZCa2yQsw5xmi2uGwAsQ9xsXWxLc6S0prvfB/fcrRH7+paM9ZZeSMAl4r0XcwWQNrXrcAxKt0uyYxmt/U2WJ24MiHMJloJjvN6vhCWaAGy5M9YOy4hufW1o0lmRkoYYtx6inVdyGbGD0DJh01/XR9DcZtAtsDjHWL9LJXOM28pte1Sru0X/nBFZJlsixlxljFNNsu4wmv4VXNDUjfO5HUvlP0d72xuXXZvOmtoz+hEWN+0vsPatBWFSJVpMEC2/d0T547KDq0LXI/hi0eHlG6tsc7DQZB0d4qaI35Csb0W6cYddwg/N4dyhVwAHhu3gEw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tMGdBfbxP6DbfpEyTF6H+3T9GPezvwy8RivVOTIgg4w=; b=k+G1aJ0U8JI+L6IrN+PobIMB0MShi/AI7bybwmvm6juZMwEwoJP8AgLMC7lEy3YU9A9mlTHxR4yokQRVv92kvDTA131RkRcxIr/9SnfPUyRWnTxR+AonfvQqQIWXDsk4sf/hik7sxlmT33eN9RXwmKAxr7QLQmolx1kruJtShq4MW6kT4P5Q86GkPr3/FM21uHveEU4oUftmA05MLKOnjA9QF0G4KvIjAg8z93Hasq6VJi5lFKLBW1JVRCjL4RiSX9mls+53U7yMyGeZubuNZL0yPZehw+ogrFkRkoIOwaqzqcmF/6ZQ+kkl75gTqjU+s0giK+ppGcn5kMwnTfA3vg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tMGdBfbxP6DbfpEyTF6H+3T9GPezvwy8RivVOTIgg4w=; b=JUxd0aNT1L2dAAK1g06+yD3gY76jyfSSucHnSjfnH45WI+NHX8dvCryD6U6UZgu1Xtn/PpOZbuOdlAnqDnvnF+ahcDmw97B+mcdTGxTpi/aRvTvvyhBGMpCNswVVq1x+ukIB8oGObpI7YqiqpqTY8Rc2OTaqLT29+Tkb664G8Nc=
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com (2603:10a6:208:106::13) by AM0PR08MB3762.eurprd08.prod.outlook.com (2603:10a6:208:100::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2878.15; Wed, 8 Apr 2020 13:29:30 +0000
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::2159:870b:25df:e612]) by AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::2159:870b:25df:e612%5]) with mapi id 15.20.2878.022; Wed, 8 Apr 2020 13:29:30 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: John Mattsson <john.mattsson@ericsson.com>, "tls@ietf.org" <tls@ietf.org>, "uta@ietf.org" <uta@ietf.org>
Thread-Topic: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS
Thread-Index: AQHWDaeDkPpKX8oyt0iX3UQ9nri0DqhvOAag
Date: Wed, 08 Apr 2020 13:29:30 +0000
Message-ID: <AM0PR08MB3716CD4DA4854230B57AB6AEFAC00@AM0PR08MB3716.eurprd08.prod.outlook.com>
References: <CD58C8B5-BBB4-4D59-B2BF-4DE53A2725F1@ericsson.com>
In-Reply-To: <CD58C8B5-BBB4-4D59-B2BF-4DE53A2725F1@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 116b1e97-f95a-41b9-86d2-f6524c9f6771.1
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
x-originating-ip: [80.92.115.119]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 5ec161b7-db81-4fa1-f2aa-08d7dbc0e2a1
x-ms-traffictypediagnostic: AM0PR08MB3762:|AM5PR0801MB1857:
X-Microsoft-Antispam-PRVS: <AM5PR0801MB18576FA4741E04C5F55FC489FAC00@AM5PR0801MB1857.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 0367A50BB1
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR08MB3716.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(346002)(39860400002)(396003)(366004)(376002)(136003)(66946007)(52536014)(66446008)(66556008)(8936002)(6506007)(33656002)(966005)(66476007)(53546011)(478600001)(55016002)(9686003)(64756008)(86362001)(71200400001)(81156014)(8676002)(2906002)(186003)(66574012)(316002)(7696005)(81166007)(26005)(110136005)(76116006)(5660300002); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: OA/XBcNAVaXrrFjF/1htlyhen/hfrfU8ZFnX1Cr5tAKBKbr/nTcBtUNJITLEJiAuZ91Si/IFScTjRUIBaZfMAEkPs1PuyYDCKY8j/xaOA50+gmCgr7QupvfIljM6UFu6MI+zHiN6aFk7duC974PXLe5pyfONbIVys4EUmRSCJh1ZlXs1bGOTMu1LcPbX2gtp6YG1tBxpzeBzfpUexeddKwdF7iwFOuN6rR0DMjuhhBfRLejdFswLtxxBZ4syFmgkto5JR7bvkc7reIMb37BwtT+qBYfoCEo54jq1Bo8tDUCsDXIPbZr/19eZFq9wgAaiUIo5/Bg8xddSrpyVxHGVgFMxUDzaobM2RoN4ASW21CKHNsVJFydlGL9J5EqXI+M/6dHMjqLWK2WINzbbyt/aJlTdJI9OYW8mGlSCTbUrwJnKUkPanUD8jk97IeFEPQIp+RDmUMk0zfaHMixzyHr44NyyDJt4cjkrZMP5/9E5OHOcJ7hqrd03OGNYVl/LLghh+z1loFDRRLVUjmODcpX6pA==
x-ms-exchange-antispam-messagedata: wK/2/tnfop4XTriuzvCw6PFpZNg+A8Eqtzx5EPKWB+0VCdmm7uv/v5WCnI1U6ii10A134H6IeJtqh3G09B0ayxjWm3jrMuLarDlCSSebVu4JFpe+xVBvokp51JBU0KkS32tBC5yyXF0Z0wSYAxFusA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3762
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT052.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(396003)(136003)(346002)(376002)(39860400002)(46966005)(2906002)(316002)(186003)(7696005)(26005)(36906005)(356004)(110136005)(6506007)(53546011)(336012)(9686003)(8676002)(55016002)(86362001)(81166007)(450100002)(52536014)(81156014)(5660300002)(8936002)(478600001)(66574012)(33656002)(26826003)(70586007)(82740400003)(966005)(47076004)(70206006); DIR:OUT; SFP:1101;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 65219477-4c0e-4a8c-7493-08d7dbc0de60
X-Forefront-PRVS: 0367A50BB1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 9RblPdrdECyb5F0t7jpPyXnXbdMqCPHMSb1hLXcwZ+odRA/cup3cKRYDqRj/C5fDrwuDJcIGWDf7UmJ/npLfGHk7sCFWXfBVG7PDgdcl96sU9pFMzfBKXnNC0ipbYA1dUCjCwTEyIlealwMoZkVgavlbFAYpK/AJGfZapU2Foai1WSjgGMZXUN8sXFqeelEDplw8/QW53cYpYtjArlMzwuQN5CSo0G/aaOtaLDJ4l4rrmNVpvr0CCnyrN3hPEClUKYfC/FcZkH6ajVD0Zu35BywfKRSrgd7DKIXBpONpCBmDt4/eYbK9Fh/zDZtDNe2dUfnIXgeYX6tn3aRtcIkutVkFis4Mh/1gi4Vp2nFBV3aVs+KePBQbL8x9glXrLvb9OpmDFe172SO7g30k/YDD+reGvblWoxPoHni25KSekgAr2XWETfmx0kFFTOFpd33antJB/MAbjfug9sFGDYEGHOy1DPsY1hIp5oDoWJzlOXKnNvGfew52laj2YPKgMipap/kR9jao5ZCWNFqGJa11olh9RF/8OT8UBbecq3xf2Z1HA93+LPZUClXJtkbBz7bqXNYJMYyG8BzosOP0Bw3KOw==
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Apr 2020 13:29:37.6961 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5ec161b7-db81-4fa1-f2aa-08d7dbc0e2a1
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM5PR0801MB1857
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lgMd7USdZ758gJTdp2jLdUMY_ac>
Subject: Re: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2020 13:29:45 -0000

Thanks for the info, John. I will have a look at this publication.

-----Original Message-----
From: John Mattsson <john.mattsson@ericsson.com>
Sent: Wednesday, April 8, 2020 3:14 PM
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>; tls@ietf.org; uta@ietf.org
Subject: Re: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS

Hi Hannes,

I have requested and been assigned time for draft-mattsson-tls-cbor-cert-compress-00 and draft-raza-ace-cbor-certificates-04 at the UTA virtual interim on March 23.

We have an implementation of https://link.springer.com/chapter/10.1007%2F978-3-319-93797-7_14 / draft-raza-ace-cbor-certificates-03, but the code is not written in a way so that the compression mechanism DER-> CBOR can be extracted. The example in draft-raza-ace-cbor-certificates-04 was created by hand with cbor.me. We are planning to implement a updated standalone version of the DER->CBOR compression and hopefully have interop testing in the COSE WG.

Cheers,
John

-----Original Message-----
From: TLS <tls-bounces@ietf.org> on behalf of Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Date: Friday, 3 April 2020 at 14:20
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "TLS@ietf.org" <tls@ietf.org>, "uta@ietf.org" <uta@ietf.org>
Subject: Re: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS

    Hi John,

    Thanks for the heads-up.

    Discussing this aspect in draft-tschofenig-uta-tls13-profile-01 makes sense.

    I was wondering whether you have been working on an implementation of draft-mattsson-cose-cbor-cert-compress-00 / draft-raza-ace-cbor-certificates-04.

    Ciao
    Hannes

    -----Original Message-----
    From: TLS <tls-bounces@ietf.org> On Behalf Of John Mattsson
    Sent: Friday, April 3, 2020 9:03 AM
    To: TLS@ietf.org; uta@ietf.org
    Subject: [TLS] CBOR Certificate Compression of RFC 7925 certificates suitable for cTLS

    Hi,

    During the COSE virtual interim meeting yesterday, there was agreement that the COSE working group should work on CBOR compression of RFC 7925 profiled X.509 certificates. The work will be based on draft-raza-ace-cbor-certificates and draft-mattsson-cose-cbor-cert-compress and the two drafts will be merged. Doing this work in a security group focused on CBOR makes a lot of sense.

    https://tools.ietf.org/html/draft-mattsson-cose-cbor-cert-compress-00
    https://tools.ietf.org/html/draft-raza-ace-cbor-certificates-04

    The COSE draft charter has already been updated to reflect this.

    https://github.com/cose-wg/Charter/blob/master/Charter.md

    As the algorithm is focused on compressing RFC 7925 profiled certificates, It seems like a very good match for cTLS. To keep the number of internet-drafts down, I plan to also include the TLS IANA registrations in the merged draft submitted to the COSE WG and let draft-mattsson-tls-cbor-cert-compress-00 expire.

    Any comments from the TLS WG are very welcome, but otherwise these is not so much to discuss, this is just another certificate compression algorithm. Any TLS related discussions would likely be regarding the certificate profile in RFC 7925 and if any clarifications or updates are needed. This is likely best discussed in UTA which may take up work on a TLS/DTLS 1.3 update of RFC 7925.

    https://tools.ietf.org/html/draft-tschofenig-uta-tls13-profile-01

    Cheers,
    John

    -----Original Message-----
    From: John Mattsson <john.mattsson@ericsson.com>
    Date: Thursday, 12 March 2020 at 08:58
    To: "TLS@ietf.org" <TLS@ietf.org>
    Cc: "uta@ietf.org" <uta@ietf.org>
    Subject: FW: New Version Notification for draft-mattsson-tls-cbor-cert-compress-00.txt

        Hi,

        We have submitted a new draft to TLS https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00 The draft register a new compression algorithms for use with TLS Certificate Compression in TLS 1.3 and DTLS 1.3 (draft-ietf-tls-certificate-compression).

        The draft uses https://tools.ietf.org/html/draft-raza-ace-cbor-certificates-04 to compress RFC 7925 profiles certificates by encoding them from DER to CBOR. The aim is to be compatible with all RFC 7925 profiled certificates. With the included example DER encoded RFC 7925 certificate to certificate is compressed from 314 to 136 bytes, a compression rate of 57%.

        The general purpose compression algorithms defined in draft-ietf-tls-certificate-compression do not seem able to compress profiled RFC 7925 X.509 certificates much at all. zlib compressed the example cert 9%, but for other certificates we tested, zlib did in many cases not provide any compression at all.

        We have submitted a similar draft to the COSE WG registering a new algorithms for the TLS 1.3 certificate compression extension.

        https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00

        Cheers,
        John

        -----Original Message-----
        From: "internet-drafts@ietf.org" <internet-drafts@ietf.org>
        Date: Monday, 9 March 2020 at 21:19
        To: John Mattsson <john.mattsson@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Joel Höglund <joel.hoglund@ri.se>, Joel Hoglund <joel.hoglund@ri.se>, Göran Selander <goran.selander@ericsson.com>, Martin Furuhed <martin.furuhed@nexusgroup.com>, Göran Selander <goran.selander@ericsson.com>, Shahid Raza <shahid.raza@ri.se>
        Subject: New Version Notification for draft-mattsson-tls-cbor-cert-compress-00.txt


            A new version of I-D, draft-mattsson-tls-cbor-cert-compress-00.txt
            has been successfully submitted by John Preuss Mattsson and posted to the
            IETF repository.

            Name:draft-mattsson-tls-cbor-cert-compress
            Revision:00
            Title:CBOR Certificate Algorithm for TLS Certificate Compression
            Document date:2020-03-09
            Group:Individual Submission
            Pages:6
            URL:            https://www.ietf.org/internet-drafts/draft-mattsson-tls-cbor-cert-compress-00.txt
            Status:         https://datatracker.ietf.org/doc/draft-mattsson-tls-cbor-cert-compress/
            Htmlized:       https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00
            Htmlized:       https://datatracker.ietf.org/doc/html/draft-mattsson-tls-cbor-cert-compress


            Abstract:
               Certificate chains often take up the majority of the bytes
               transmitted in TLS handshakes.  Large handshakes can cause problems,
               particularly in constrained IoT environments.  RFC 7925 defines a TLS
               certificate profile for constrained IoT.  General purpose compression
               algorithms can in many cases not compress RFC 7925 profiled
               certificates at all.  By using the fact that the certificates are
               profiled, the CBOR certificate compression algorithms can in many
               cases compress RFC 7925 profiled certificates with over 50%. This
               document specifies the CBOR certificate compression algorithm for use
               with TLS Certificate Compression in TLS 1.3 and DTLS 1.3.




            Please note that it may take a couple of minutes from the time of submission
            until the htmlized version and diff are available at tools.ietf.org.

            The IETF Secretariat






    _______________________________________________
    TLS mailing list
    TLS@ietf.org
    https://www.ietf.org/mailman/listinfo/tls
    IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
    _______________________________________________
    TLS mailing list
    TLS@ietf.org
    https://www.ietf.org/mailman/listinfo/tls


IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email