[openssl-users] removing compression?

Thomas Tanner tanner at gmx.net
Sat Apr 4 16:04:07 UTC 2015

On 03.04.15 21:53, Salz, Rich wrote:
> But on a larger scale, does anyone use TLS compression?  It has
> certainly caused problems with HTTP (see
> http://en.wikipedia.org/wiki/CRIME). And the best practice these days is
> to do it at the application layer, and feed the compressed bytes down to
> TLS.

How about at least implementing the length hiding mitigation suggested
by the BREACH paper
by randomly interspersing flush commands into the data stream
(description and example implementation
It's not perfect but for some use cases better than having no
compression at all.

More information about the openssl-users mailing list