[Ach] NO_COMPRESSION on postfix
Tobias Dussa (SCC)
tobias.dussa at kit.edu
Thu Dec 18 10:36:44 CET 2014
Hi,
On Thu, Dec 18, 2014 at 10:27:13AM +0100, Tim wrote:
> you recommend "tls_ssl_options = NO_COMPRESSION" on postfix, can you
> tell my why compression is a bad idea? I'm familiar with
> https://en.wikipedia.org/wiki/CRIME but this seems to only apply on http?
The idea is to have ONE set of SSL-related rules. The concrete configuration
snippets are just for convenience. -:)
So, it's a consistency thing.
Cheers,
Toby.
--
If "Microsoft Word" is the right tool to write longer texts, then why is it not
called "Microsoft Sentence" or "Microsoft Paragraph"?
----
Karlsruhe Institute of Technology (KIT)
Steinbuch Centre for Computing (SCC)
KIT-CERT
Tobias Dussa
CERT Manager, CA Manager
Zirkel 2
Building 20.21
76131 Karlsruhe, Germany
Phone: +49 721 608-42479
Fax: +49 721 608-9-42479
Email: tobias.dussa at kit.edu
Web: http://www.kit.edu/
KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5716 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/ach/attachments/20141218/df37f479/attachment.bin>
More information about the Ach
mailing list