[DOC] Guide to Nginx + SSL + SPDY

Valentin V. Bartenev vbart at nginx.com
Thu Sep 12 16:58:31 UTC 2013


On Thursday 12 September 2013 20:24:38 mex wrote:
> Updates:
> 
> - SSL Client Authentication
> - BREACH
> - incorporated suggestions from the list
> 
> 
> http://www.mare-system.de/guide-to-nginx-ssl-spdy-hsts/
> 


In your section about BREACH requirements:

 - User-Data transfered via GET/POST - parameters

actually wrong statement.  The right one is:

 - Reflect user-input in HTTP response bodies 

(from breachattack.com)


  wbr, Valentin V. Bartenev



More information about the nginx mailing list