[stunnel-users] Compression

• Previous message (by thread): [stunnel-users] Compression
• Next message (by thread): [stunnel-users] Compression
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Mike,

Yes, this is better to disable it by default.
But do you project to return on openssl 1.0.0x  for next release to 
control compression ?

And why are you move from openssl 1.0.0 to 0.9.8 in version 4.48 to 4.49 
? (for FIPS i suppose)

Thank's.

Ludovic.


Le 09/12/2011 18:46, Michal Trojnara a écrit :
> I wrote:
>> My conclusion:
>> I will add "compression = none" global option implemented as:
>> #ifndef OPENSSL_NO_COMP
>>     sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
>> #endif
>
> On second thought:
> This might be probably even better to switch compression off by 
> default.  The memory and CPU requirements of compression probably make 
> it a bad choice for ~90% of users.
>
> The available parameters will be:
>  - deflate - RFC 3749 https://www.ietf.org/rfc/rfc3749.txt
>  - zlib - OpenSSL 0.9.7 compatibility
>  - rle - OpenSSL 0.9.7 compatibility
> The default will be to disable compression entirely.
>
> What do you think?
>
> Mike 

• Previous message (by thread): [stunnel-users] Compression
• Next message (by thread): [stunnel-users] Compression
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]