Re: SSL compression

At 2021-11-08 08:41:42 +0100, mjbaars1977.pgsql.hackers@gmail.com wrote:
>
> Could someone please explain to me, why compression is being
> considered unsafe / insecure?

https://en.wikipedia.org/wiki/CRIME

> Might the underlying reason be, that certain people have shown
> interest in my libpq/PQblockwrite algorithms (
> https://www.postgresql.org/message-id/c7cccd0777f39c53b9514e3824badf276759fa87.camel%40cyberfiber.eu)
> but felt turned down and are now persuading me to trade the algorithms
> against SSL compression, than just say so please. I'll see what I can
> do.

The whole world is trying to move away from TLS compression (which has
been removed from TLS 1.3). It has nothing to do with you.

-- Abhijit