On Sat, Nov 26, 2016 at 11:42:20PM -0500, Victor Vasiliev wrote: > I am currently trying to figure out how much of QUIC certificate > compression can be adapted to work with TLS. I will submit a draft as soon > as I have a working prototype.
FWIW I too have started working on a prototype for gzip compressing certificates based on BoringSSL: https://github.com/ghedo/boringssl/tree/cert_compress It's not complete yet and I only implemented compression so far based on what Chromium does with QUIC. I also haven't really tested it yet (but at least it builds AFAICT :) ). I'd like to do some tests as well to measure the benefits of this (e.g. download certificates from CT logs and see how effective the compression is). I also started working on a draft for gzip compression of certificates at: https://github.com/ghedo/tls-certificate-compression Or that's the current scope anyway. Maybe it would also make sense to include the full QUIC certificate caching part, but I didn't want to duplicate RFC7924. My intention would be to use gzip-compressed certs on first connect, and then use RFC7924 for consecutive handshakes. The text is not complete and I haven't submitted it yet, though it would be nice if we could work on the same draft together, in order to avoid duplicating work (I can give you or anyone interested commit access to the repo). Cheers _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
