Certificates are pretty wasteful, outside of the keys themselves. There has to be some significant gains to be had. I think that we have discussed generating a dictionary that would be useful for certificates, so if we do that we won't know the full answer yet (I see no mention of that in the draft, so I guess that I might be in dreamland).
On Mon, Dec 11, 2017 at 2:43 PM, Bill Frantz <fra...@pwpconsult.com> wrote: > The discussion of this draft makes it sound like implementations will have > additional complexity to support certificate compression. Complexity adds > security risks, so just how much benefit does certificate compression > provide? My naive thinking is that most of the data in certificates is > signatures, which shouldn't be very compressible. > > Of course, for small systems, even a small improvement may be important. > > Cheers - Bill > > ------------------------------------------------------------------------- > Bill Frantz | When it comes to the world | Periwinkle > (408)356-8506 | around us, is there any choice | 16345 Englewood Ave > www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA 95032 > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
