[openssl-dev] removing compression?

Leif Thuresson leif.thuresson at foxt.com
Sun Apr 5 12:48:03 UTC 2015


I assume the questions is only about dropping compression in the TLS 
protocol?
I have no problem with that, but I would like keep the ability to use 
compression
in BIO filers so please don't drop zlib support all together.
Thanks,
/leif

On 03/04/15 21:53, Salz, Rich wrote:
>
> I am thinking about removing compression and would like to know what 
> the community thinks.
>
> At a minimum, I am going to remove the ability to add compression at 
> run-time.  This was never really documented. Moving forward, if 
> someone wants to add a new compression scheme they will need to modify 
> the OpenSSL source.  This means COMP_METHOD becomes an internal datatype.
>
> But on a larger scale, does anyone use TLS compression?  It has 
> certainly caused problems with HTTP (see 
> http://en.wikipedia.org/wiki/CRIME). And the best practice these days 
> is to do it at the application layer, and feed the compressed bytes 
> down to TLS.
>
> If this will cause problems for you, please post on the list, ideally 
> within the next week.
>
> Thanks.
>
> -- 
>
> Senior Architect, Akamai Technologies
>
> IM: richsalz at jabber.at Twitter: RichSalz
>
>
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150405/0e1f55a6/attachment-0001.html>


More information about the openssl-dev mailing list