Hi, We have submitted a new draft to TLS https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00 The draft register a new compression algorithms for use with TLS Certificate Compression in TLS 1.3 and DTLS 1.3 (draft-ietf-tls-certificate-compression).
The draft uses https://tools.ietf.org/html/draft-raza-ace-cbor-certificates-04 to compress RFC 7925 profiles certificates by encoding them from DER to CBOR. The aim is to be compatible with all RFC 7925 profiled certificates. With the included example DER encoded RFC 7925 certificate to certificate is compressed from 314 to 136 bytes, a compression rate of 57%. The general purpose compression algorithms defined in draft-ietf-tls-certificate-compression do not seem able to compress profiled RFC 7925 X.509 certificates much at all. zlib compressed the example cert 9%, but for other certificates we tested, zlib did in many cases not provide any compression at all. We have submitted a similar draft to the COSE WG registering a new algorithms for the TLS 1.3 certificate compression extension. https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00 Cheers, John -----Original Message----- From: "internet-dra...@ietf.org" <internet-dra...@ietf.org> Date: Monday, 9 March 2020 at 21:19 To: John Mattsson <john.matts...@ericsson.com>, John Mattsson <john.matts...@ericsson.com>, Joel Höglund <joel.hogl...@ri.se>, Joel Hoglund <joel.hogl...@ri.se>, Göran Selander <goran.selan...@ericsson.com>, Martin Furuhed <martin.furu...@nexusgroup.com>, Göran Selander <goran.selan...@ericsson.com>, Shahid Raza <shahid.r...@ri.se> Subject: New Version Notification for draft-mattsson-tls-cbor-cert-compress-00.txt A new version of I-D, draft-mattsson-tls-cbor-cert-compress-00.txt has been successfully submitted by John Preuss Mattsson and posted to the IETF repository. Name: draft-mattsson-tls-cbor-cert-compress Revision: 00 Title: CBOR Certificate Algorithm for TLS Certificate Compression Document date: 2020-03-09 Group: Individual Submission Pages: 6 URL: https://www.ietf.org/internet-drafts/draft-mattsson-tls-cbor-cert-compress-00.txt Status: https://datatracker.ietf.org/doc/draft-mattsson-tls-cbor-cert-compress/ Htmlized: https://tools.ietf.org/html/draft-mattsson-tls-cbor-cert-compress-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-mattsson-tls-cbor-cert-compress Abstract: Certificate chains often take up the majority of the bytes transmitted in TLS handshakes. Large handshakes can cause problems, particularly in constrained IoT environments. RFC 7925 defines a TLS certificate profile for constrained IoT. General purpose compression algorithms can in many cases not compress RFC 7925 profiled certificates at all. By using the fact that the certificates are profiled, the CBOR certificate compression algorithms can in many cases compress RFC 7925 profiled certificates with over 50%. This document specifies the CBOR certificate compression algorithm for use with TLS Certificate Compression in TLS 1.3 and DTLS 1.3. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
