[stunnel-users] Compression
Michal Trojnara
Michal.Trojnara at mirt.net
Fri Dec 9 19:31:45 CET 2011
Ludovic LEVET <llevet at ludosoft.org> wrote:
>Hi Mike,
>
>Yes, this is better to disable it by default.
>But do you project to return on openssl 1.0.0x for next release to
>control compression ?
>
>And why are you move from openssl 1.0.0 to 0.9.8 in version 4.48 to
>4.49
>? (for FIPS i suppose)
>
>Thank's.
>
>Ludovic.
>
>
>Le 09/12/2011 18:46, Michal Trojnara a écrit :
>> I wrote:
>>> My conclusion:
>>> I will add "compression = none" global option implemented as:
>>> #ifndef OPENSSL_NO_COMP
>>> sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
>>> #endif
>>
>> On second thought:
>> This might be probably even better to switch compression off by
>> default. The memory and CPU requirements of compression probably
>make
>> it a bad choice for ~90% of users.
>>
>> The available parameters will be:
>> - deflate - RFC 3749 https://www.ietf.org/rfc/rfc3749.txt
>> - zlib - OpenSSL 0.9.7 compatibility
>> - rle - OpenSSL 0.9.7 compatibility
>> The default will be to disable compression entirely.
>>
>> What do you think?
>>
>> Mike
>
>
>_______________________________________________
>stunnel-users mailing list
>stunnel-users at stunnel.org
>http://stunnel.mirt.net/mailman/listinfo/stunnel-users
No. Yes.
Mike
More information about the stunnel-users
mailing list