Dear Ladies and Gentlemen of the TLS Working Group, my name is Christos Alewa and I am writing you on behalf HOB GmbH & Co KG, a software enterprise from Germany, which specialises in development of software particularly for secure remote access. Our main product HOB RD VPN has received the Common Criteria EAL 4+ certificate by the German Federal Office for Information Security (BSI) which inadvertantly proves the level of security achieved - being the highest certificate available for commercial software.
I've been redirected to this e-mail in order to address our company's issue regarding the proposed cease of support for compression in the new TLS 1.3 protocol. That said, i will relay our modest request to you as I have done already before: Since we at HOB, use SSL to maintain long-running VPN connections, might it be possible to - at least - maintain the status quo of the TLS - protocol in this aspect, enabling and disabling compression if needed? As a proposal to negate the known side-attack on the compression rate, which is in my understanding the reason support for compression is to be removed altogether, our thoughts are that a possible way to prevent this kind of side-attack might be to insert a nonce (random data with random length) to SSL records of type "application data". These need to be inserted in the beginning of the SSL record payload, rendering the monitoring of the compression rate of an attacker useless. With regards, Christos Alewa Software Instructor +499103-715-3553 HOB GmbH & Co KG Cadolzburg,Germany ________________________________ Follow HOB: - HOB: http://www.hob.de/redirect/hob.html - Xing: http://www.hob.de/redirect/xing.html - LinkedIn: http://www.hob.de/redirect/linkedin.html - HOBLink Mobile: http://www.hob.de/redirect/hoblinkmobile.html - Facebook: http://www.hob.de/redirect/facebook.html - Twitter: http://www.hob.de/redirect/twitter.html - YouTube: http://www.hob.de/redirect/youtube.html - E-Mail: http://www.hob.de/redirect/mail.html HOB RD VPN - einfach, sicher und flexibel auf alle Unternehmensanwendungen und -daten zugreifen Praesentation unter: http://www.hob.de/rdvpn2/ HOB GmbH & Co. KG Schwadermuehlstr. 3 D-90556 Cadolzburg Geschaeftsfuehrung: Klaus Brandstaetter, Zoran Adamovic AG Fuerth, HRA 5180 Steuer-Nr. 218/163/00107 USt-ID-Nr. DE 132747002 Komplementaerin HOB electronic Beteiligungs GmbH AG Fuerth, HRB 3416
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
