[TLS] Confirmation of Consensus on Removing Compression from TLS 1.3
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Wed, 26 March 2014 18:42 UTC
Return-Path: <jsalowey@cisco.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F8351A0386 for <tls@ietfa.amsl.com>; Wed, 26 Mar 2014 11:42:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.511
X-Spam-Level:
X-Spam-Status: No, score=-9.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tE_3fU3H3PeI for <tls@ietfa.amsl.com>; Wed, 26 Mar 2014 11:42:54 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) by ietfa.amsl.com (Postfix) with ESMTP id 0F0B71A0172 for <tls@ietf.org>; Wed, 26 Mar 2014 11:42:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=395; q=dns/txt; s=iport; t=1395859372; x=1397068972; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=cuR+hn7qv6hT6q5O1lKELPlzG7QOg5UhHNRJbYiWgoU=; b=hOrLFKWnT4zWxpdCgwW8EBoJhfMFVIrz74e2PSD8o7z2Q+UwjcxIjHqg HSJo9JCQLyq1Gahm4It0Zz49ttecLHa33UsGxbVe3GR4m9D2FlFXP6mpf NmIyHMMOh9TBd3k43dyFV9OZQhHTrTQvofkW3IpYOL9nugZOKVnRDYsXS 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AnsFAEQfM1OtJXHB/2dsb2JhbABZgwaBEsQSFnSCLDpRAT5CJwSIDJ8ZsWwXkhyBFASYTZIzgy6CKw
X-IronPort-AV: E=Sophos;i="4.97,737,1389744000"; d="scan'208";a="30599127"
Received: from rcdn-core2-6.cisco.com ([173.37.113.193]) by alln-iport-2.cisco.com with ESMTP; 26 Mar 2014 18:42:52 +0000
Received: from xhc-aln-x04.cisco.com (xhc-aln-x04.cisco.com [173.36.12.78]) by rcdn-core2-6.cisco.com (8.14.5/8.14.5) with ESMTP id s2QIgqEI017745 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <tls@ietf.org>; Wed, 26 Mar 2014 18:42:52 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.247]) by xhc-aln-x04.cisco.com ([173.36.12.78]) with mapi id 14.03.0123.003; Wed, 26 Mar 2014 13:42:52 -0500
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: Confirmation of Consensus on Removing Compression from TLS 1.3
Thread-Index: AQHPSSMxZ0z0INsV8EeHhSnGu4GmzA==
Date: Wed, 26 Mar 2014 18:42:51 +0000
Message-ID: <DA7A3139-EE44-4FE2-B674-4ECAE4D51079@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.33.248.91]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <396A07315D02E24E9DA53B8962C5583C@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/xhMLf8j4pq8W_ZGXUUU1G_m6r1c
Subject: [TLS] Confirmation of Consensus on Removing Compression from TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Mar 2014 18:42:55 -0000
The use of compression within TLS has resulted in vulnerabilities that can be exploited to disclose TLS encrypted application data. The consensus in the room at IETF-89 was to remove compression from TLS 1.3 to remove this attack vector. If you have concerns about this decision please respond on the TLS list by April 11, 2014. Thanks, Joe [Speaking for the TLS chairs]
- [TLS] Confirmation of Consensus on Removing Compr… Joseph Salowey (jsalowey)
- Re: [TLS] Confirmation of Consensus on Removing C… Yaron Sheffer
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Thomson
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Paterson, Kenny
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Watson Ladd
- Re: [TLS] Confirmation of Consensus on Removing C… Martin Rex
- Re: [TLS] Confirmation of Consensus on Removing C… Joachim Strömbergson
- Re: [TLS] Confirmation of Consensus on Removing C… Alyssa Rowan
- Re: [TLS] Confirmation of Consensus on Removing C… Richard Hartmann
- Re: [TLS] Confirmation of Consensus on Removing C… Peter Gutmann
- Re: [TLS] Confirmation of Consensus on Removing C… Karthikeyan Bhargavan
- Re: [TLS] Confirmation of Consensus on Removing C… Bill Frantz
- Re: [TLS] Confirmation of Consensus on Removing C… Joseph Salowey (jsalowey)
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla
- Re: [TLS] Confirmation of Consensus on Removing C… Eric Rescorla