On Tuesday 17 January 2012 04:13 PM, Jakob Bohm wrote:
On 1/17/2012 11:27 AM, nilesh wrote:
Hi,
As per the RFC2246, the data might be compressed and then encrypted.
And the decryption function does the reverse operations.
But when I setup server to capture SSL3.0 and TLS1.0 traces, I have
never observed any compression algorithm being used.
The record is just encrypted and sent.
Could someone please explain if compression operation is configurable
option on Server? Is it not always present?
1. I think OpenSSL implements this feature, but I don't know
how a server and client might request it from the OpenSSL code.
2. Most protocols used with SSL/TLS already include their own
means of compressing data before handing it to SSL, so for
those protocols, enabling SSL/TLS compression would be of so
little use that few implementations would enable it for those
applications. The most notable example is HTTP/1.x over SSL
(https), where there are HTTP headers for requesting
compression independently of the use of SSL.
Thanks. Yes, I have been trying to capture HTTPS packets specifically
(with http/1.1),
and never saw compression algo mentioned in SSL header.
--
Thanks,
Nilesh
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
