Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-01.txt
Bill Frantz <frantz@pwpconsult.com> Mon, 11 December 2017 20:43 UTC
Return-Path: <frantz@pwpconsult.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 945381273B1 for <tls@ietfa.amsl.com>; Mon, 11 Dec 2017 12:43:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8P_eP55K7h12 for <tls@ietfa.amsl.com>; Mon, 11 Dec 2017 12:43:32 -0800 (PST)
Received: from elasmtp-masked.atl.sa.earthlink.net (elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B1981205F0 for <tls@ietf.org>; Mon, 11 Dec 2017 12:43:31 -0800 (PST)
Received: from [47.143.125.17] (helo=Williams-MacBook-Pro.local) by elasmtp-masked.atl.sa.earthlink.net with esmtpa (Exim 4) (envelope-from <frantz@pwpconsult.com>) id 1eOUvC-0003Uu-GO for tls@ietf.org; Mon, 11 Dec 2017 15:43:30 -0500
Date: Mon, 11 Dec 2017 12:43:30 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: tls@ietf.org
X-Priority: 3
In-Reply-To: <CABkgnnUu6aE0socrxXm6L11T5F0cdHL-Y5K0deQudOorwEeVqg@mail.gmail.com>
Message-ID: <r470Ps-10132i-E0E190ABCD214523B790DE7F83C37914@Williams-MacBook-Pro.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Mailsmith 2.4 (470)
X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec79981a4485c35ab0bccfd33feda9c621c1350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 47.143.125.17
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/heMMEE8QVBQWtHtJlKQz9-U-c4o>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Dec 2017 20:43:34 -0000
The discussion of this draft makes it sound like implementations will have additional complexity to support certificate compression. Complexity adds security risks, so just how much benefit does certificate compression provide? My naive thinking is that most of the data in certificates is signatures, which shouldn't be very compressible. Of course, for small systems, even a small improvement may be important. Cheers - Bill ------------------------------------------------------------------------- Bill Frantz | When it comes to the world | Periwinkle (408)356-8506 | around us, is there any choice | 16345 Englewood Ave www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA 95032
- [TLS] I-D Action: draft-ietf-tls-certificate-comp… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Alessandro Ghedini
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Bill Frantz
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Hanno Böck
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… David Benjamin
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… David Benjamin
- Re: [TLS] I-D Action: draft-ietf-tls-certificate-… Victor Vasiliev