This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
TLS Compression
TLS Compression

Version management

Difference between version and

At line 1 added 20 lines
!!! Overview
[{$pagename}] as the name implies is Compression within [TLS].
%%warning
[{$pagename}] is [Deprecated] in [TLS 1.3]
%%
[RFC 3749] describes Transport Layer Security Protocol Compression Methods.
[TLS] has the ability to compress content prior to encryption. Compression does not protect against the [BEAST] attack, but it does make it more difficult.
Normally, the bytes sent by the attacker are encrypted and sent over the wire. With compression enabled, the bytes are first compressed, which means that the attacker no longer knows what exactly is encrypted. To make the attack work, the attacker would also have to guess the compressed bytes, which may be very difficult. For this reason, the original [BEAST] exploit implemented by Duong and Rizzo could not attack compressed TLS connections.
In some estimates, compression was enabled on about half of all web servers at the time [BEAST] was announced. However, client-side support for compression was very weak then and is nonexistent today
[{$pagename}] has been a target of several [Exploits] and generally it is considered that it should be disabled. [CRIME] ia a popular [Exploit] on [{$pagename}] and it has been stated that [{$pagename}] is dead and [CRIME] killed it.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop