RFC Errata
RFC 7457, "Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)", February 2015
Source of RFC: uta (sec)
Errata ID: 4592
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Matthäus Wander
Date Reported: 2016-01-10
Section 2.6 says:
The TIME attack can be mitigated by disabling TLS compression. We are not aware of mitigations at the TLS protocol level to the BREACH attack, and so application-level mitigations are needed (see [BREACH]).
It should say:
The CRIME attack can be mitigated by disabling TLS compression. We are not aware of mitigations at the TLS protocol level to the TIME and BREACH attacks, and so application-level mitigations are needed (see [BREACH]).
Notes:
As explained in the second paragraph in 2.6, the TIME attack makes use of HTTP-level response compression (in fact, it does not matter on which layer the compression occurs, but exploitation of HTTP-level response compression has been demonstrated). Hence, it cannot be mitigated by disabling TLS compression alone.
Instead, CRIME can be mitigated by disabling TLS compression, as it exploits TLS-level compression of requests.