[gnutls-devel] removing compression

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jun 7 16:17:21 CEST 2017


On Tue 2017-06-06 18:21:24 +0200, Nikos Mavrogiannopoulos wrote:
>  As I dig into TLS 1.3 support where compression is no longer
> supported, I realized that keeping compression for TLS 1.2 or earlier
> would only cause problems by making complex code even more
> complicated. As TLS compression is already considered insecure, I
> would like to drop that support completely (an MR is at [0]), unless
> there are serious objections. If none, I'll merge that removal by the
> end of this month.

I support this change.  Application protocols that want to compress can
do it in the application layer, where they have some hope of avoiding
compression that mixes untrusted data with trusted data (see the recent
work on improving NNTP over TLS).  Uniform compression over the entire
stream just doesn't make sense from a security standpoint, and it makes
for a security toolkit to put that kind of footgun out of reach of
casual users.

Thanks for making this change,

         --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170607/0f26c2b8/attachment.sig>


More information about the Gnutls-devel mailing list