Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-02.txt
Alessandro Ghedini <alessandro@ghedini.me> Fri, 26 January 2018 10:27 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nTbImzMUJ9knVqlYWkD381l_T1o>
Hello,

Here's a fresh new update based on the latest round of discussion.

On Fri, Jan 26, 2018 at 02:18:21AM -0800, internet-drafts@ietf.org wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
>
>         Title           : Transport Layer Security (TLS) Certificate Compression
>         Authors         : Alessandro Ghedini
>                           Victor Vasiliev
>         Filename        : draft-ietf-tls-certificate-compression-02.txt
>         Pages           : 7
>         Date            : 2018-01-26
>
> Abstract:
>    In Transport Layer Security (TLS) handshakes, certificate chains
>    often take up the majority of the bytes transmitted.
>
>    This document describes how certificate chains can be compressed to
>    reduce the amount of data transmitted and avoid some round trips.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-certificate-compression/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tls-certificate-compression-02
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-certificate-compression-02
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-certificate-compression-02

The main changes are:

* The CompressedCertificate message itself now carries the selected
  compression algorithm, rather than it being specified in a ServerHello
  extension. This means that client and server can independently select an
  algorithm for their own certificates (or none at all as in the previous
  version) rather than using the one picked by the server.

* The server now advertises support for compressed client certificates as an
  extension in the CertificateRequest message (so different sets of algorithms
  can be used for client compression).

* The feature is now TLS >= 1.3 only, due to the dependency on extensions in
  CertificateRequest and to avoid middlebox interference.

Me and Victor would like to ask for early codepoints assignment again, if you
think we are ready now.

Cheers
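
Added illustration, not part of the original message or of the draft's text: a receiver-side check for the CompressedCertificate message described in the first bullet above. The field layout (uint16 algorithm, uint24 uncompressed_length, uint24-prefixed compressed body) and the value zlib = 1 are assumed from the published RFC 8879 rather than taken from this email; `MAX_UNCOMPRESSED`, `SAMPLE_CERT_MSG` and the function names are hypothetical.

```python
import zlib

# Assumptions (RFC 8879, not this email): zlib is algorithm 1.
ZLIB = 1
MAX_UNCOMPRESSED = 1 << 16  # hypothetical local policy cap, far below 2^24 - 1

# Constructed sample standing in for an encoded Certificate message.
SAMPLE_CERT_MSG = b"constructed-certificate-chain " * 40


class CompressedCertificateError(Exception):
    """Raised when a CompressedCertificate message must be rejected."""


def build_compressed_certificate(cert_msg: bytes, algorithm: int = ZLIB) -> bytes:
    """Sender side: algorithm, uncompressed_length, length-prefixed body."""
    body = zlib.compress(cert_msg)
    return (algorithm.to_bytes(2, "big")
            + len(cert_msg).to_bytes(3, "big")
            + len(body).to_bytes(3, "big") + body)


def parse_compressed_certificate(msg: bytes, advertised: set) -> bytes:
    """Receiver side: return the decompressed Certificate message or raise."""
    if len(msg) < 8:
        raise CompressedCertificateError("truncated message")
    algorithm = int.from_bytes(msg[0:2], "big")
    declared = int.from_bytes(msg[2:5], "big")
    body_len = int.from_bytes(msg[5:8], "big")
    body = msg[8:]
    # The algorithm is named per message, so check it against what *we* offered.
    if algorithm not in advertised:
        raise CompressedCertificateError("algorithm was not advertised")
    if body_len == 0 or body_len != len(body):
        raise CompressedCertificateError("bad compressed length")
    if declared > MAX_UNCOMPRESSED:
        raise CompressedCertificateError("declared length exceeds local cap")
    if algorithm != ZLIB:
        raise CompressedCertificateError("no decoder in this example")
    d = zlib.decompressobj()
    try:
        out = d.decompress(body, declared + 1)  # never inflate past declared + 1
    except zlib.error as exc:
        raise CompressedCertificateError("corrupt stream") from exc
    # Output must match the declared size exactly, with nothing left over.
    if len(out) != declared or not d.eof or d.unused_data:
        raise CompressedCertificateError("length mismatch")
    return out
```

Bounding the inflate call by the declared length means a message that understates its size is rejected after at most one extra byte of output, instead of after the whole stream has been expanded in memory.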