On Sat, Jul 29, 2023 at 10:47 PM Watson Ladd <watsonbl...@gmail.com> wrote:
> On Sat, Jul 29, 2023 at 8:35 PM Phillip Hallam-Baker > <ph...@hallambaker.com> wrote: > > > > Which compression scheme is this? > > Abridge certificate compression from > https://datatracker.ietf.org/meeting/117/session/tls > > > > Why is this compression scheme likely to take off when there was no > interest in pursuing my proposal or that of Rob Straddling ten years ago? > > > > I am not sure why the number of CAs would lead to issues either. Please > explain. > > Each CA has a root that has to be identified and an intermediate that > also needs identification. This increases the amount of data the > clients have to ship with. > Doesn't Firefox already ship with the full content of all root certificates, and also preemptively download all known valid intermediates? Taken as a whole, these only amount to ~2000 certificates; that's not exactly a large amount of data. How much efficiency can actually be gained here? https://blog.mozilla.org/security/2020/11/13/preloading-intermediate-ca-certificates-into-firefox/ Alex -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAN3-_m4r83nxu6NOda3X1SD%2BhVeownK2ejBXZ6tfAPY-CYg6KA%40mail.gmail.com.
