On Tue, Sep 22, 2015 at 1:35 PM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > > > On 22/09/15 17:23, Tony Arcieri wrote: >> But an unsafe feature shouldn't be kept in >> TLS just because some protocols want to do unsafe things and are too lazy >> to implement their own compression. > > Compression does have issues clearly, but it's not correct to describe > people wanting TLS to compress as lazy. They're rather looking for the > same features that TLS has offered for a couple of decades. So if there > were a way to help them, that'd be good. And if not, the onus I think > is on us in this WG to clearly explain why we're removing that feature > in TLS1.3. > > That doesn't have to be text in the TLS1.3 specification but I would > guess the question may keep coming up, so documenting the answer in > some archival form (such as an RFC:-) might be a good plan.
I like this idea... and it doesn't have to be compression-specific but could rather be of the variety of "Things that we [don't think make sense/consider harmful/are best done] if done at the TLS layer." This won't help get 1.3 out the door sooner, but it would be very useful to understand important points of consensus in TLS WG that are broader design decisions that may persist past 1.3. best, Joe -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
