Re: [TLS] TLS 1.3 - Support for compression to be removed

mrex@sap.com (Martin Rex) Fri, 09 October 2015 22:18 UTC

In-Reply-To: <CACsn0ckdF8cHC84UBydtkFCO79kratbdU2XeQrUD8PvnUtBvLg@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Date: Sat, 10 Oct 2015 00:18:06 +0200
Message-Id: <20151009221806.3D6EA1A2D4@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/zkcA_YlLtfeaT7J3OGvN72p7QFk>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed

Watson Ladd wrote:
> 
> Why is it important that clients be permitted to signal support for
> compression and TLS 1.3 conditionally? Remember, we also want to phase
> out the use of compression in TLS 1.2.

Compression in TLS is *NOT* generally bad, and not generally a problem.

It may be a problem for usage scenarios where attacker-supplied content
and unknown content are mixed prior to compression, and in particular
where an attacker is freely given elaborate control over the behaviour
of one of the endpoints (e.g. SSL-VPNs and Web-Browsers), but there
are many more, perfectly valid usage scenarios where TLS compression
is in current use, such as copying huge sparse files over a
TLS-protected communication channel.

-Martin
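As an added illustration of the point debated in this thread (clients signalling compression support in TLS 1.2), and not code from the original post or from any TLS implementation: a small Python parser that extracts the compression_methods vector from a TLS 1.2 ClientHello, so an operator can check whether a client still offers DEFLATE rather than only the null method. The ClientHello bytes are constructed here for the example.

```python
import struct

# TLS compression method identifiers (RFC 5246 section 6.2.2, RFC 3749).
COMPRESSION_NULL = 0
COMPRESSION_DEFLATE = 1

def parse_client_hello_compression(record: bytes) -> list:
    """Return the compression_methods list offered by a ClientHello record.

    Walks the TLS record header, the Handshake header and the fixed
    ClientHello fields (RFC 5246 section 7.4.1.2) up to the
    compression_methods vector. Raises ValueError on malformed input.
    """
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) < 4 or body[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                                   # client_version + random
    sid_len = hello[pos]; pos += 1 + sid_len       # session_id<0..32>
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2 + cs_len                              # cipher_suites<2..2^16-2>
    cm_len = hello[pos]; pos += 1                  # compression_methods<1..2^8-1>
    methods = list(hello[pos:pos + cm_len])
    if len(methods) != cm_len:
        raise ValueError("truncated compression_methods")
    return methods

def offers_compression(record: bytes) -> bool:
    """True if the ClientHello offers any method other than null."""
    return any(m != COMPRESSION_NULL for m in parse_client_hello_compression(record))

def build_client_hello(compression_methods: bytes) -> bytes:
    """Construct a minimal TLS 1.2 ClientHello record (sample data for this example)."""
    suites = b"\x00\x2f\xc0\x2f"  # TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    hello = (b"\x03\x03" + b"\x11" * 32 + b"\x00"       # version, fixed random, empty session_id
             + struct.pack("!H", len(suites)) + suites
             + bytes([len(compression_methods)]) + compression_methods)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

# Constructed samples: a client offering DEFLATE alongside null, and a null-only client.
HELLO_WITH_DEFLATE = build_client_hello(bytes([COMPRESSION_DEFLATE, COMPRESSION_NULL]))
HELLO_NULL_ONLY = build_client_hello(bytes([COMPRESSION_NULL]))
```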