This is documented. Quote from http://nginx.org/en/docs/http/ngx_http_gzip_module.html
*When using the SSL/TLS protocol, compressed responses may be subject to BREACH <https://en.wikipedia.org/wiki/BREACH> attacks. * On Tue, Feb 4, 2020 at 1:35 PM Rainer Duffner <rai...@ultra-secure.de> wrote: > > > Am 04.02.2020 um 21:38 schrieb J.R. <themadbea...@gmail.com>: > > I think you are confusing TLS compression with HTTP compression... > > > > > Probably. > I read that later somewhere else. > > I just wonder why it’s lumped-in in testssl.sh. > > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
