Le 26/01/2018 à 11:18, internet-dra...@ietf.org a écrit :
> A New Internet-Draft is available from the on-line Internet-Drafts
> This draft is a work item of the Transport Layer Security WG of the IETF.
> Title : Transport Layer Security (TLS) Certificate
> Authors : Alessandro Ghedini
> Victor Vasiliev
> Filename : draft-ietf-tls-certificate-compression-02.txt
> Pages : 7
> Date : 2018-01-26
I am sorry I am late in the process of commenting this draft, but I have
a question about the CompressedCertificate message: why does it contain
an uncompressed_length field?
What is the point of this field which can not be trusted? If the idea is
to give a hint of how long a certificate is, we already know that.
Since the whole goal of this draft is to reduce the size of the message,
I would strongly suggest this field be removed. It is too much a
temptation to be considered as a reliable information for shaky
TLS mailing list