GNUTLS-SA-2012-4 notes the CRIME attack:
http://www.gnu.org/software/gnutls/security.html
and indicates that GnuTLS does not enable compression by default. It also indicates that if compression is enabled, use the CBC ciphers which, while not mitigating the attack, make it substantially harder to succeed.
GNUTLS-SA-2012-4 notes the CRIME attack:
http:// www.gnu. org/software/ gnutls/ security. html
and indicates that GnuTLS does not enable compression by default. It also indicates that if compression is enabled, use the CBC ciphers which, while not mitigating the attack, make it substantially harder to succeed.