On Tue, Sep 19, 2000 at 03:00:28AM -0700, David Schwartz wrote:
> While I do agree that any encryption algorithm worth using should be able
> to withstand a known plaintext, I disagree that randomizing the plaintext is
> not valuable. For one thing, it's nobody's business exactly how many by
"David Schwartz" <[EMAIL PROTECTED]> writes:
> to withstand a known plaintext, I disagree that randomizing the plaintext is
> not valuable. For one thing, it's nobody's business exactly how many bytes
> your HTTP request is.
This is why SSL allows variable length padding, up to 255 bytes.
> I als
> "David Schwartz" <[EMAIL PROTECTED]> writes:
> > Speaking of which, does anyone know why SSL doesn't support any
> > compression? Not only would it save bandwidth, but it seems to
> > me that it
> > would improve the strength of the encryption by randomizing the
> > 'plaintext'.
> It does s
