Re: [TLS] TLS 1.3 - Support for compression to be removed

Peter Gutmann <> Wed, 23 September 2015 03:24 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 3A7271B2C88 for <>; Tue, 22 Sep 2015 20:24:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.011
X-Spam-Status: No, score=-0.011 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bKJyjAiTcwkE for <>; Tue, 22 Sep 2015 20:24:15 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 96BD01B2C8B for <>; Tue, 22 Sep 2015 20:24:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=mail; t=1442978654; x=1474514654; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=3lp3vF5On/HE5bswCkbUr6kqzvr/1MB3429FRlrFwmk=; b=BhE2ZOmk56OCw4W2XGfD3W6Pqrx0VDDndMys6Fu5TC5hKRSQAJX1mMTn GcCmWojrUhoTcwVABenm9k6m4SHJq14e2XFmOdL+vNwJ5UIDX70s4desG X6sggFEJ+b+VCck5IORQsLNhpwm1dUg1VOKWPGG5/mvtDeW7F3VailMIU YyIe13Svjbokua5HeQheXX0ibY5ABWh4r5n40bkmUdSqgifRmyz2gaLuj iy5siJlCxQ3wpKzBlAf+fqHfIellWhKnpRmDri9b4ZDKE8p9hTBJKYrPC mmNBEgaQMYKVmHXK7HgGaJ4WgX5b6Q3QP2aezCs7DRlKSbRJOvsmnnB2f A==;
X-IronPort-AV: E=Sophos;i="5.17,576,1437393600"; d="scan'208";a="43592089"
X-Ironport-Source: - Outgoing - Outgoing
Received: from (HELO ([]) by with ESMTP/TLS/AES128-SHA; 23 Sep 2015 15:24:09 +1200
Received: from ([]) by ([]) with mapi id 14.03.0174.001; Wed, 23 Sep 2015 15:24:09 +1200
From: Peter Gutmann <>
To: Benjamin Kaduk <>, Yoav Nir <>
Thread-Topic: [TLS] TLS 1.3 - Support for compression to be removed
Date: Wed, 23 Sep 2015 03:24:08 +0000
Message-ID: <>
References: <> <> <> <> <> <> <>, <>
In-Reply-To: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 23 Sep 2015 03:24:18 -0000

Benjamin Kaduk <> writes:

>Well, this just came across my browser:

There's a million compression algorithms [0] out there, you shouldn't have any
problem finding one to fit your needs, and you don't really need to wait for
some new one to come along, there are lots of viable candidates.

Responding to the OP's comment, the "we have all the bandwidth we need"
argument is the cousin of the endlessly-used "everyone has a quad-core 2GHz i7
with 8GB of RAM so we don't need to worry about efficient algorithms any
more".  You may have the bandwidth (and a quad-core i7), but there are lots
and lots of cases that don't, and never will.

(The majority of these use store-and-forward, so CMS (S/MIME) or PGP
compression, I can't immediately think of any that use TLS compression, but
wanted to point out that "well, it works for me" isn't really a valid


[0] Figure exaggerated slightly for theatrical effect, actual is hundreds to
    thousands depending on how you count sub-families and variants.