> Well, it is true that NNTP can stay on TLS 1.2. News clients and news servers > can implement TLS 1.2 and use it. > The concern will be when TLS 1.2 is declared "flawed". Maybe one day it will > be considered insecure; and then, compliant TLS implementations won't be > able to use compression. That facility will then be lost.
Yes. It is widely recognized that in many cases, TLS-level compression is flawed (for example NNTP authinfo?). TLS 1.3 does not have it. So NNTP that needs compression can continue to use TLS 1.2, and if TLS 1.2 is "flawed" things can change. /r$ _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls