Re: [TLS] TLS 1.3 - Support for compression to be removed

> > Do we know how many protocols currently suffer from CRIME? > > > Maybe a best practice could be suggested by UTA for the implementation of TLS > in software, to disable compression if vulnerable. And for the others, to > implement a way to enable/disable compression in case one day a vuln

Re: [TLS] TLS 1.3 - Support for compression to be removed

Browsers are not a concern as they already have their own comp/decomp codes. HTTP/1 can compress content (Content-encoding and transfer-encoding) and HTTP2 has additional header compression. Regards, Roland Am 02.10.2015 um 15:08 schrieb takamichi saito: Do we know how many protocols current

Re: [TLS] TLS 1.3 - Support for compression to be removed

> 1) We know CRIME threat, but it can not be risk for everyone. > e.g., CVSS v2 Base Score: 2.6 (LOW) CVSS isn't always appropriate; CVSS2 called Heartbleed a 5; CVS v3 called it 7.5 > Which one is safer, "tls1.2" v.s. "tls1.3 with comp/decomp" ? They are equivalent. If you use AES-GCM and ECD

Re: [TLS] TLS 1.3 - Support for compression to be removed

On Fri, Oct 2, 2015 at 8:24 AM, Salz, Rich wrote: > > > 1) We know CRIME threat, but it can not be risk for everyone. > > e.g., CVSS v2 Base Score: 2.6 (LOW) > > CVSS isn't always appropriate; CVSS2 called Heartbleed a 5; CVS v3 called > it 7.5 > > > Which one is safer, "tls1.2" v.s. "tls1.3 with

Re: [TLS] TLS 1.3 - Support for compression to be removed

> I don't think we should be claiming that TLS 1.2 is equivalent to TLS > 1.3 without many more caveats. :) Fair enough. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] TLS 1.3 - Support for compression to be removed

On Fri 2015-10-02 11:24:10 -0400, Salz, Rich wrote: >> Which one is safer, "tls1.2" v.s. "tls1.3 with comp/decomp" ? > > They are equivalent. If you use AES-GCM and ECDHE, and you don't need 0RTT, > then there is no compelling reason to use TLS 1.3. ...and you use session-hash, and you either do

Re: [TLS] TLS 1.3 - Support for compression to be removed

Eric Rescorla wrote: > On Fri, Oct 2, 2015 at 8:24 AM, Salz, Rich wrote: >> >>> 1) We know CRIME threat, but it can not be risk for everyone. >>> e.g., CVSS v2 Base Score: 2.6 (LOW) >> >> CVSS isn't always appropriate; CVSS2 called Heartbleed a 5; CVS v3 called >> it 7.5 >> >>> Which one is safer,

Re: [TLS] TLS 1.3 - Support for compression to be removed

> On Oct 2, 2015, at 6:42 PM, Eric Rescorla wrote: > > > > On Fri, Oct 2, 2015 at 8:24 AM, Salz, Rich > wrote: > > > 1) We know CRIME threat, but it can not be risk for everyone. > > e.g., CVSS v2 Base Score: 2.6 (LOW) > > CVSS isn't always appropriate; CVSS2 called