On Fri, Jun 6, 2014 at 10:16 AM, Jeff Trawick <traw...@gmail.com> wrote:
>> On Tue, Jun 3, 2014 at 3:52 PM, Tom Browder <tom.brow...@gmail.com> wrote:
>> > I have several SSL/TLS-only virtual sites running under Apache 2.4.7.
>> > I haven't turned on compression because of all the warnings about
>> > CRIME and BREACH.  However, when I run my sites against web site
>> > analyzers they always suggest turning on compression.
>> >
>> > So what is the consensus?
...
> I think the free "OpenSSL cookbook" part of Ivan Ristić's guide addresses
> some of your question.  There's also an Apache-specific chapter of the big
> book which I haven't looked at.

Thanks, Jeff--I forgot about Ivan's book!

Best regards,

-Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to