RE: FW: New Version Notification for draft-thomson-http2-client-certs-01.txt from Mike Bishop on 2016-01-28 (ietf-http-wg@w3.org from January to March 2016)

From: Mike Bishop <Michael.Bishop@microsoft.com>
Date: Thu, 28 Jan 2016 23:31:16 +0000
To: Martin Thomson <martin.thomson@gmail.com>
CC: Kazuho Oku <kazuhooku@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CY1PR03MB1374F64784E17F46AB58764687DA0@CY1PR03MB1374.namprd03.prod.outlook.com>

https://github.com/MikeBishop/http2-client-certs/commit/2315bd353bfe8aa123838b873205c6675fa60633

-----Original Message-----
From: Martin Thomson [mailto:martin.thomson@gmail.com] 
Sent: Thursday, January 28, 2016 2:02 PM
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: Kazuho Oku <kazuhooku@gmail.com>; HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: FW: New Version Notification for draft-thomson-http2-client-certs-01.txt

On 29 January 2016 at 04:56, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> Do we have data on how commonly certificates are greater than 16KB in size?

I suppose that someone could check the CT log, but that is server certs only, so it might be a poor data source for client certs.

I'm inclined to take the bloody minded approach here and wait until someone complains.  16k is a pretty big cert.

And before someone brings up post-quantum crypto and 8M McEliece keys, I think that public key sizes need to be much smaller than 16k if that's going to be deployed.

Received on Thursday, 28 January 2016 23:31:46 UTC