"SSL compression" config & usage when SPDY's in use?
Maxim Dounin
mdounin at mdounin.ru
Thu Jul 12 21:30:59 UTC 2012
Hello!
On Thu, Jul 12, 2012 at 11:42:19AM -0700, pgndev wrote:
> I'm running
>
> nginx 1.3.3 + spdy/47
>
> SPDY's enabled and functioning. At least it's seen in headers,
> detected by browsers, etc.
>
> In Chromium, SSL site-cert popup reports
>
> "The connection does not use SSL compression."
>
> Reading
>
> SSL, Compression, and You
> http://www.belshe.com/2010/11/18/ssl-compression-and-you/
>
> Nginx memory usage with SSL
> http://www.toofishes.net/blog/nginx-memory-usage-ssl/
>
> http://trac.nginx.org/nginx/changeset/4186/nginx
>
> http://trac.nginx.org/nginx/changeset/4187/nginx
>
> I'm a bit confused as to what the expected/preferred behavior is, re:
> SSL compression,
>
> I've built against,
>
> openssl version
> OpenSSL 1.0.1c 10 May 2012
>
> so both
>
> SSL_OP_NO_COMPRESSION
> SSL_MODE_RELEASE_BUFFERS
>
> are certainly available. I understand they're disabled in nginx by
> default ... just unclear what should be done, and the result with it,
> when SPDY's in the loop.
>
> should Compression be ON? how, exactly, should that be config'd with spdy?
>
> any comment/clarification would be appreciated.
SPDY changes nothing here. Or, more stictly, it makes SSL
compression even more pointless, as it introduces headers
compression on it's own layer.
Maxim Dounin
More information about the nginx-devel
mailing list