IETF Logo Mail Archive

Re: [TLS] A question to implementors about compression

Alex Elsayed <eternaleye@gmail.com> Wed, 08 April 2015 05:52 UTC

Return-Path: <ietf-ietf-tls@m.gmane.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41F641A00B6 for <tls@ietfa.amsl.com>; Tue, 7 Apr 2015 22:52:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.129
X-Spam-Level: *
X-Spam-Status: No, score=1.129 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, FSL_HELO_BARE_IP_2=1.675, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_NUMERIC_HELO=1.164, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bwwPC0-McRpD for <tls@ietfa.amsl.com>; Tue, 7 Apr 2015 22:52:37 -0700 (PDT)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05B391A00D0 for <tls@ietf.org>; Tue, 7 Apr 2015 22:52:30 -0700 (PDT)
Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from <ietf-ietf-tls@m.gmane.org>) id 1YfiuZ-0006Zg-Rp for tls@ietf.org; Wed, 08 Apr 2015 07:52:28 +0200
Received: from 66.87.139.208 ([66.87.139.208]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <tls@ietf.org>; Wed, 08 Apr 2015 07:52:27 +0200
Received: from eternaleye by 66.87.139.208 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <tls@ietf.org>; Wed, 08 Apr 2015 07:52:27 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: tls@ietf.org
From: Alex Elsayed <eternaleye@gmail.com>
Date: Tue, 07 Apr 2015 22:52:18 -0700
Lines: 18
Message-ID: <mg2fmj$b07$1@ger.gmane.org>
References: <2dbc5ad134f544619db764781a8bb249@ustx2ex-dag1mb2.msg.corp.akamai.com> <CABkgnnXp8UzdNo+JQSyJY+U6wo=-tCFMcopn=N9XwNi_k0DYKQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: 66.87.139.208
User-Agent: KNode/4.14.6
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/uprWnvuzh_5FjqFjBEMUsrZMU6c>
X-Mailman-Approved-At: Wed, 08 Apr 2015 06:25:12 -0700
Subject: Re: [TLS] A question to implementors about compression
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2015 05:52:38 -0000

Martin Thomson wrote:

> On 7 April 2015 at 06:23, Salz, Rich <rsalz@akamai.com> wrote:
>> I want to completely remove TLS-layer compression from the next release
>> of OpenSSL (roughly year-end). If you this will cause interop problems
>> with
>> your stack, can you please let me know?  Thanks.
> 
> I'm guessing that interop problems with other stacks will be the least
> of your concerns: the uncompressed option is pretty well-tested.  NSS
> happily doesn't compress.  I'd be more concerned about users who might
> have gotten attached to the feature.

Fortunately, LibreSSL ripped it out a while back, and a  large number of 
things got fixed to handle that - so I think it's unlikely this will break 
the entire world; more likely about 10-25% of it (i.e. "nobody built this 
with LibreSSL" or "upstream hasn't taken patches to fix the build on 
LibreSSL").

v2.23.0 | Report a Bug | By Email