> Barry, following up, here is some proposed text (again, not yet coordinated > with my co-authors).
Nice text all 'round; thanks. One question on one of them: > OLD > Implementations and deployments SHOULD disable TLS-level compression > ([RFC5246], Section 6.2.2). > > NEW > In order to help prevent compression-related attacks (summarized in > Section 2.6 of [RFC7457]), implementations and deployments SHOULD > disable TLS-level compression ([RFC5246], Section 6.2.2), unless the > application protocol in question has not been shown to be open to > such attacks. Do you want "has not been shown to be open to such attacks", or "has been shown not to be open to such attacks" ? Barry _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
