How to turn off gzip compression for SSL traffic
B.R.
reallfqq-nginx at yahoo.fr
Mon Aug 19 15:46:04 UTC 2013
On Mon, Aug 19, 2013 at 2:04 AM, Igor Sysoev <igor at sysoev.ru> wrote:
> Incorrect.
>
> CRIME attacks a vulnerability in the implementation of SSLv3 and TLS1.0
> using CBC flaw: the IV was guessable. Hte other vulnerability was a
> facilitator to inject automatically arbitrary content (so attackers could
> inject what they wish to make their trail-and-error attack).
> CRIME conclusion is: use TLS v1.1 or later (not greater than v1.2 for now).
>
>
> You probably mix up it with BEAST.
>
You're right. I mixed up things...
---
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130819/adb7ab03/attachment.html>
More information about the nginx
mailing list