idnits 2.17.1 draft-sabin-lzs-tls-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in this document. Expected boilerplate is as follows today (2024-04-23) according to https://trustee.ietf.org/license-info : IETF Trust Legal Provisions of 28-dec-2009, Section 6.a: This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2: Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 5 longer pages, the longest (page 2) being 59 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** The abstract seems to contain references ([RFC-1974]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 160: '...ords, the sender MUST reset the compre...' RFC 2119 keyword, line 161: '... Thus, the HIST_RESET bit MUST be set...' RFC 2119 keyword, line 166: '... The sender MUST flush the compre...' RFC 2119 keyword, line 201: '...n implementation SHOULD monitor the re...' RFC 2119 keyword, line 203: '...e, the uncompressed fragment SHOULD be...' Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'ANSI94' -- Possible downref: Non-RFC (?) normative reference: ref. 'Calgary' ** Downref: Normative reference to an Informational RFC: RFC 1974 -- Possible downref: Non-RFC (?) normative reference: ref. 'TLS' Summary: 10 errors (**), 0 flaws (~~), 2 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Draft December 1996 (Expires June 1997) 4 M. Sabin, Consultant 5 R. Monsour, Hi/fn Inc. 6 C. Allen, Consensus Development 8 LZS Compression Transform for TLS Protocol 9 11 Status of this Memo 13 This document is an Internet-Draft. Internet-Drafts are working 14 documents of the Internet Engineering Task Force (IETF), its areas, 15 and its working groups. Note that other groups may also distribute 16 working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference 21 material or to cite them other than as "work in progress." 23 To learn the current status of any Internet-Draft, please check the 24 "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow 25 Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), 26 munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or 27 ftp.isi.edu (US West Coast). 29 Abstract 31 This memo proposes a compression method for the TLS protocol based on 32 the LZS compression algorithm. The method can be used to compress 33 the contents of a TLS record. The compression method proposed here 34 is stateless, meaning that a record can be decompressed independently 35 of any other record. Compression is performed prior to the 36 encryption operation, which has the side benefit of reducing the 37 amount of data that must be encrypted. 39 Acknowledgments 41 The LZS details presented here are similar to those in "PPP Stac LZS 42 Compression Protocol," by R. Friend and W. A. Simpson [RFC-1974]. 44 Table of Contents 46 1. Introduction 47 2. Format of Compressed Fragment 49 Sabin, et al [Page 1] 50 3. Compression Procedure 51 4. Decompression Procedure 52 5. Security Considerations 53 6. References 54 7. Author's Addresses 55 8. Appendix: Compression Efficiency versus Fragment Size 57 1. Introduction 59 Encrypted data is random in nature and not compressible. When the 60 TLS protocol [TLS] transmits encrypted records, compression methods 61 used at lower protocol layers -- e.g., PPP compression [RFC-1962] -- 62 no longer work. If both compression and encryption are desired, 63 compression must be performed first. Accordingly, the TLS protocol 64 provides a mechanism for including compression prior to encryption. 66 A side benefit of compressing the data first is that the amount of 67 data which must be encrypted is reduced. In some implementations, 68 compression is done in hardware and encryption is done in software, 69 and this can represent a significant reduction in software overhead. 71 This memo proposes a compression method for the TLS protocol based on 72 the LZS compression algorithm. The method is stateless, meaning that 73 the contents of a TLS record can be decompressed independently of any 74 other record. 76 1.1 Background of LZS Compression 78 The LZS algorithm is a lossless compression method that uses a 79 sliding window of 2,048 bytes. During compression, redundant 80 sequences of data are replaced with tokens that represent those 81 sequences. During decompression, the original sequences are 82 substituted for the tokens, in such a way that the original data 83 is exactly recovered. LZS differs from lossy schemes, such as 84 those often used for video compression, that do not exactly 85 reproduce the original data. 87 Details of LZS formatting can be found in [ANSI94]. 89 The efficiency of the LZS algorithm depends on the degree of 90 redundancy in the original data. A typical compression ratio 91 is 2:1. LZS achieves a compression ratio of 2.34:1 on 92 the University of Calgary Text Compression Corpus [Calgary]. 94 1.2 Licensing 96 Hi/fn Inc. holds patents on the LZS algorithm. Source and object 97 code licenses for LZS are available on a non-discriminatory basis. 99 Sabin, et al [Page 2] 100 Hardware implementations are also available. For more 101 information, contact Hi/fn at the address listed with the authors' 102 addresses. 104 1.3 Requirements Terminology 106 In this document, the words that are used to define the 107 significance of each particular requirement are usually 108 capitalized. These words are: 110 - MUST: This word, or the adjective "REQUIRED," means that the 111 item is an absolute requirement of the specification. 113 - SHOULD: This word, or the adjective "RECOMMENDED," means 114 that there might exist valid reasons in particular 115 circumstances to ignore this item, but the full implications 116 should be understood and the case carefully weighed before 117 taking a different course. 119 - MAY: This word, or the adjective "OPTIONAL," means that the 120 item is truly optional. One vendor might choose to include the 121 item because of a particular marketplace requirement or because 122 it enhances the product, while another vendor might omit the 123 item. 125 2. Format of Compressed Fragment 127 The input to the compression function is a TLSPlaintext.fragment. 128 The output of the function is a TLSCompressed.fragment. The format 129 of the TLSCompressed.fragment is as follows: 131 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 132 | CC | | 133 +-+-+-+-+-+-+-+-+ | 134 | | 135 | Fragment Data (compressed or uncompressed) | 136 | | 137 | +-+-+-+-+-+-+-+-| 138 | | 139 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 141 2.1 Compression Control 143 The Compression Control (CC) field is a single, bit-mapped byte. 144 The bits are numbered 7 (most significant) to 0 (least 145 significant). The following bits are defined: 147 Sabin, et al [Page 3] 148 - COMPRESSED (bit 7) 150 This bit is set to 1 to indicate the fragment is compressed. 151 It is cleared to 0 to indicate the fragment is not compressed. 153 - HIST_RESET (bit 6) 155 This bit is set to 1 to indicate that the compression history 156 was reset prior to processing this fragment. It is cleared to 157 0 to indicate the compression history was not reset. 159 In order to make the compression function stateless between 160 records, the sender MUST reset the compression history prior to 161 processing each fragment. Thus, the HIST_RESET bit MUST be set 162 to 1 in every fragment. (The HIST_RESET bit is defined here 163 for upwards compatibility with future methods that may allow 164 statefulness.) 166 The sender MUST flush the compressor at the end of each 167 compressed fragment. Flushing means that all data going into 168 the compressor is included in the output, i.e., no data is held 169 back in the hope of achieving better compression. Flushing is 170 necessary to prevent a record's data from spilling over into a 171 later record. 173 2.2 Fragment Data 175 The Fragment Data field contains the data of 176 TLSPlaintext.fragment, in either compressed or uncompressed form. 177 The value of the COMPRESSED bit of the CC field is set 178 accordingly. The Fragment Data field is an integral number of 179 bytes in length. 181 3. Compression Procedure 183 The compression procedure consists of the following steps: 185 i) The sender resets the compression history and sets the 186 HIST_RESET bit of the CC field to 1. 188 ii) The sender decides whether or not to compress the fragment. 190 - If the sender chooses to compress the fragment, the LZS 191 algorithm is applied. The resulting compressed data is 192 formatted according to [ANSI94]. The COMPRESSED bit of the CC 193 field is set to 1. 195 Sabin, et al [Page 4] 196 - If the sender chooses not to compress the fragment, the 197 COMPRESSED bit of the CC field is set to 0. 199 iii) The CC field and Fragment Data field are concatenated. 201 An implementation SHOULD monitor the results of the fragment 202 compression operation and reject the operation if it results in 203 expansion. In such a case, the uncompressed fragment SHOULD be 204 transmitted with the COMPRESSED bit set to 1. 206 4. Decompression Procedure 208 The decompression procedure consists of the following steps: 210 i) The receiver checks the HIST_RESET bit of the CC field. If 211 HIST_RESET = 1, the decompression history is reset. If HIST_RESET 212 = 0, a TLS error alert of type "decompression_failure" is 213 declared. 215 ii) The receiver checks the COMPRESSED bit of the CC field. If 216 COMPRESSED = 1, the LZS decompression algorithm is applied to the 217 fragment data. If COMPRESSED = 0, decompression is not applied. 219 iii) The CC field is removed, leaving only the Fragment Data 220 field. 222 5. Security Considerations 224 Security issues are not discussed in this memo. 226 6. References 228 [ANSI94] American National Standards Institute, Inc., "Data 229 Compression Method for Information Systems," ANSI X3.241-1994, 230 August 1994. 232 [Calgary] Text Compression Corpus, University of Calgary, available 233 at 234 ftp://ftp.cpsc.ucalgary.ca/pub/projects/text.compression.corpus. 236 [RFC-1962] D. Rand, "The PPP Compression Control Protocol (CCP)," 237 RFC-1962, June 1996. 239 [RFC-1974] R. Friend and W. A. Simpson, "PPP Stac LZS Compression 240 Protocol," RFC-1974, August 1996. 242 [TLS] A. Frier, P. Karlton, P. Kocher, and T. Dierks, "The TLS 243 Protocol Version 1.0," work in progress, available at 245 Sabin, et al [Page 5] 246 ftp://ds.internic.net/draft-ietf-tls-protocol.00.txt, 247 November 1996. 249 7. Authors' Addresses 251 Michael Sabin 252 883 Mango Avenue 253 Sunnyvale, CA 94087 254 Email: mike.sabin@worldnet.att.net 256 Robert Monsour 257 Hi/fn Inc. 258 12636 High Bluff Drive 259 San Diego, CA 92130 260 Email: rmonsour@earthlink.net 262 Christopher Allen 263 Consensus Development Corporation 264 1563 Solano Avenue #355 265 Berkeley, CA 94707-2116 266 Email: christophera@consensus.com 268 8. Appendix: Compression Efficiency versus Fragment Size 270 The following table offers some guidance on the compression 271 efficiency that can be achieved as a function of fragment size. Each 272 entry in the table shows the compression ratio that was achieved when 273 the proposed method was applied to a test file using fragments of 274 a specified size. 276 The test file was the University of Calgary Text Compression Corpus 277 [Calgary]. The length of the file prior to compression was 3,278,000 278 bytes. When the entire file was compressed as a single fragment, a 279 compression ratio of 2.34 resulted. 281 Fragment size,| 64 128 256 512 1024 2048 4096 8192 16384 282 bytes | 283 --------------|---------------------------------------------------- 284 Compression |1.18 1.28 1.43 1.58 1.74 1.91 2.04 2.11 2.14 285 ratio | 287 Sabin, et al [Page 6]