[openssl-dev] removing compression?
Alexey Melnikov
alexey.melnikov at isode.com
Tue Apr 7 16:00:19 UTC 2015
Hi Rich,
On 03/04/2015 20:53, Salz, Rich wrote:
>
> I am thinking about removing compression and would like to know what
> the community thinks.
>
> At a minimum, I am going to remove the ability to add compression at
> run-time. This was never really documented. Moving forward, if
> someone wants to add a new compression scheme they will need to modify
> the OpenSSL source. This means COMP_METHOD becomes an internal datatype.
>
> But on a larger scale, does anyone use TLS compression? It has
> certainly caused problems with HTTP (see
> http://en.wikipedia.org/wiki/CRIME). And the best practice these days
> is to do it at the application layer, and feed the compressed bytes
> down to TLS.
>
> If this will cause problems for you, please post on the list, ideally
> within the next week.
>
Isode is using TLS compression with IMAP and XMPP, so removing
compression altogether would be an inconvenience. We don't use adding
compression at run-time.
Best Regards,
Alexey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150407/e32fc581/attachment.html>
More information about the openssl-dev
mailing list