On Tue, 2016-11-29 at 13:56 +0100, Hubert Kario wrote: > > Given that certificates usually take up most of the bytes exchanged > > during a > > full handshake it seems this could be useful, but I don't know if > > in > > practice the benefits are worth the added complexity. Thoughts? > > Decompressing completely untrusted and unverified data directly in > theĀ > security library? > No, I don't think we need more complex code in TLS implementations.
Well, PKIX/X.509 parsing seems to be order of magnitude more complex than compression :) regards, Nikos _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls