>> WG - I’d like to echo Alessandro request for reviews. If this outstanding >> WG item is not resolved before IETF103 we will discuss the outstanding issue >> there, and barring any other major issues we are planning to WGLC the draft >> after IETF103. >> >> One question: There was some discussion earlier about dictionaries. Are >> dictionaries being used in the current deployments? > > No, neither Chrome nor Cloudflare are using dictionaries. Something I forgot > to mention in my previous email is that the numbers are for plain brotli > compression, so without dictionary.
Just to check: is this still true for the excellent numbers we saw today? Surely it’s only the text-like parts of the certificate that are compressed. As EKR mentioned, presumably a bunch of the savings is from compressing the Subject of one cert against the Issuer of another. Perhaps there’s some ASN.1 framing too? If the Brotli dictionary were there, I’d expect to see compression of “Massachusetts” and “Czechia.” But versioning of that dictionary seems dangerous for the same reasons we talked about the hash table lookups being dangerous. Is there a space for a requirement that the decompression function contain no information flow from the algorithm, so that all bits in the output were present somewhere in the compressed input? -Brian _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls