Comment 2 for bug 1058955
Revision history for this message
| Jason Gerard DeRose (jderose) wrote Re: Disabled TLS compression to protect against CRIME like attacks | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Interestingly, it's not possible to disable TLS compression under Apache 2.2, something we should keep in mind for our Apache SSL frontend servers:
https:/
From testing I've done, I've confirmed you can disabled it from the client-side, so we're covered as far as Microfiber goes. But we also have to worry about the CouchDB replicator.