[TLS] Confirmation of Consensus on Removing Compression from TLS 1.3

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Wed, 26 March 2014 18:42 UTC

From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Date: Wed, 26 Mar 2014 18:42:51 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/xhMLf8j4pq8W_ZGXUUU1G_m6r1c

The use of compression within TLS has resulted in vulnerabilities that can be exploited to disclose TLS-encrypted application data. The consensus in the room at IETF-89 was to remove compression from TLS 1.3 to remove this attack vector. If you have concerns about this decision, please respond on the TLS list by April 11, 2014.

Thanks,

Joe
[Speaking for the TLS chairs]