> On Oct 2, 2015, at 6:42 PM, Eric Rescorla <e...@rtfm.com> wrote:
>
> On Fri, Oct 2, 2015 at 8:24 AM, Salz, Rich <rs...@akamai.com <mailto:rs...@akamai.com>> wrote:
>
> > 1) We know CRIME threat, but it can not be risk for everyone.
> > e.g., CVSS v2 Base Score: 2.6 (LOW)
>
> CVSS isn't always appropriate; CVSS2 called Heartbleed a 5; CVSS v3 called it 7.5
>
> > Which one is safer, "tls1.2" v.s. "tls1.3 with comp/decomp" ?
>
> They are equivalent. If you use AES-GCM and ECDHE, and you don't need 0RTT, then there is no compelling reason to use TLS 1.3.
>
> I don't want to take a position on what's compelling or not, but there are a number of
> other reasons to use TLS 1.3, including support for real padding, encrypted content types,
> privacy for client authentication, etc.

And client certificate authentication in HTTP/2 (This assumes that HTTP/2 is required)
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls