Hello, Here's a fresh new update based on the latest round of discussion.
On Fri, Jan 26, 2018 at 02:18:21AM -0800, internet-dra...@ietf.org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Transport Layer Security WG of the IETF. > > Title : Transport Layer Security (TLS) Certificate > Compression > Authors : Alessandro Ghedini > Victor Vasiliev > Filename : draft-ietf-tls-certificate-compression-02.txt > Pages : 7 > Date : 2018-01-26 > > Abstract: > In Transport Layer Security (TLS) handshakes, certificate chains > often take up the majority of the bytes transmitted. > > This document describes how certificate chains can be compressed to > reduce the amount of data transmitted and avoid some round trips. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-tls-certificate-compression/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-tls-certificate-compression-02 > https://datatracker.ietf.org/doc/html/draft-ietf-tls-certificate-compression-02 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-certificate-compression-02 The main changes are: * The CompressedCertificate message itself now carries the selected compression algorithm, rather than it being specified in a ServerHello extension. This means that client and server can independently select an algorithm for their own certificates (or none at all as in the previous version) rather than using the one picked by the server. * The server now advertises support for compressed client certitificates as an extension in the CertificateRequest message (so different sets of algorithms can be used for client compression). * The feature is now TLS >= 1.3 only, due to the dependency on extensions in CertificateRequest and to avoid middlebox interference. Me and Victor would like to ask for early codepoints assignment again, if you think we are ready now. Cheers _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls