Re: [TLS] adopted: draft-ghedini-tls-certificate-compression

Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 07 June 2017 20:28 UTC

Date: Wed, 07 Jun 2017 23:28:48 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Raja ashok <raja.ashok@huawei.com>
Cc: "draft-ghedini-tls-certificate-compression@ietf.org" <draft-ghedini-tls-certificate-compression@ietf.org>, "<tls@ietf.org>" <tls@ietf.org>
Message-ID: <20170607202848.GA21563@LK-Perkele-V2.elisa-laajakaista.fi>
References: <B3FAE1B5-E608-489F-B3B9-BC966B673D94@sn3rd.com> <FDFEA8C9B9B6BD4685DCC959079C81F5E1953C09@BLREML509-MBS.china.huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/oBnPtcZkfSHls6hKP3YZHUoWW1Y>

On Wed, Jun 07, 2017 at 05:38:59AM +0000, Raja ashok wrote:
> Hi Victor & Alessandro,
> 
> I have gone through the draft and I am having a doubt. 
> 
> >   The extension only affects the Certificate message from the server.
> >   It does not change the format of the Certificate message sent by the
> >   client.
> 
> This draft provides a mechanism to compress only the server certificate
> message, not the client certificate message. I feel client authentication
> is not performed in HTTPS of web application. But in all other applications
> (e.g. wireless sensor network) certificate-based client authentication is
> more important. 
> 
> So I suggest we should consider compression on client certificate message
> also.

Doing client certificate compression would add some complexity, because
the compression indication currently needs to be external to certificates,
and there is no place to stick such indication for client certificate.


-Ilari