The security community thinks that compression is risky, error-prone, and that a security/auth layer is the wrong place to put it.
So far, the only counter-argument has been "if TLS 1.2 has a flaw, I want to move to TLS 1.3 without losing data compression." Is this accurate? -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
