On Tue, 2016-11-29 at 13:56 +0100, Hubert Kario wrote:

> > Given that certificates usually take up most of the bytes exchanged
> > during a
> > full handshake it seems this could be useful, but I don't know if
> > in
> > practice the benefits are worth the added complexity. Thoughts?
> 
> Decompressing completely untrusted and unverified data directly in
> theĀ 
> security library?
> No, I don't think we need more complex code in TLS implementations.

Well, PKIX/X.509 parsing seems to be order of magnitude more complex
than compression :)

regards,
Nikos

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to