> On Sep 23, 2015, at 4:17 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
> 
>> IMHO, compression adds too many security vulnerabilities to a general
>> purpose secure communication protocol. I think TLS 1.3 is right in
>> eliminating it. It is too big a foot gun.
> 
> To play devil's advocate: if (1) compression increases attack surface
> and (2) people use compression, then wouldn't the best place to
> address it be in a protocol or security library rather than pushing it
> into a higher level in the stack where it likely won't be addressed?

No, because compression is not a good idea for the general use case of TLS. It 
might be a good idea for specific applications (where there may be specific 
reasons for which it will not violate security), but then one can (and should) 
resolve it specifically for those applications. Even within one application, 
there may be parts where the security suffers from compressing, and some where 
it does not. Only the application can make this decision.


Best,
Bjoern


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
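
An added illustration of the reply's point that only the application can decide which parts are safe to compress (this is not part of the original message or of any TLS implementation). It assumes the concern is the well-known length leak that arises when a secret and other data share one compression context; the framing format, function names and sample data are constructed for this example.

```python
import zlib

def frame(parts):
    """Serialize (body, deflated) pairs as: 1 flag byte, 4-byte length, body."""
    out = bytearray()
    for body, deflated in parts:
        out += bytes([deflated]) + len(body).to_bytes(4, "big") + body
    return bytes(out)

def unframe(blob):
    """Inverse of frame(); inflates parts whose flag is set, returns the joined bytes."""
    out, i = bytearray(), 0
    while i < len(blob):
        deflated, n = blob[i], int.from_bytes(blob[i + 1:i + 5], "big")
        body = blob[i + 5:i + 5 + n]
        if len(body) != n:
            raise ValueError("truncated part")
        out += zlib.decompress(body) if deflated else body
        i += 5 + n
    return bytes(out)

def encode_whole(secret, public):
    """Protocol-level style: secret and public data share one deflate context."""
    return frame([(zlib.compress(secret + public, 9), 1)])

def encode_selective(secret, public):
    """Application-level choice: the secret is sent verbatim, only public data is deflated."""
    return frame([(secret, 0), (zlib.compress(public, 9), 1)])

# Constructed sample data: two same-length tokens and a body that repeats the first one.
TOKEN_A = b"tok=3f9a1c7e5b2d8046a1c9e7f3b5d20846"
TOKEN_B = b"tok=c05e7a92d1b48f36e2a7094bd6f1835c"
PUBLIC = b"<html><body>search results for tok=3f9a1c7e5b2d8046a1c9e7f3b5d20846</body></html>"

def length_gap(encode):
    """Wire-length difference between the two secrets; nonzero means length depends on the secret."""
    return len(encode(TOKEN_B, PUBLIC)) - len(encode(TOKEN_A, PUBLIC))

if __name__ == "__main__":
    print("shared context gap:", length_gap(encode_whole))
    print("selective gap:     ", length_gap(encode_selective))
```

With a shared context the output length changes with the secret's content even though both tokens are the same size; with the selective encoding it does not, and that split is something only the application knows how to make.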
