> On 20 Nov 2015, at 17:17, Mankin, Allison <[email protected]> wrote: > > This seems like content for the unified TLS/DTLS profiles draft that Sara, > Tiru and DKG are now working on.
Yes - this recommendation is already in our preliminary document. Sara. > > Sent from my iPhone > >> On Nov 20, 2015, at 12:00, Visweswaran, Gowri <[email protected]> >> wrote: >> >> Also, the wording in https://tools.ietf.org/html/rfc7525#section-3.3 >> (pasted below) be changed from SHOULD to MUST and re-worded: >> >> 3.3. Compression >> >> In order to help prevent compression-related attacks (summarized in >> Section 2.6 of [RFC7457]), implementations and deployments SHOULD >> disable TLS-level compression (Section 6.2.2 of [RFC5246]), unless >> the application protocol in question has been shown not to be open to >> such attacks. _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
