On Fri, Jun 06, 2014 at 09:21:20AM -0500, Tom Browder wrote: > On Tue, Jun 3, 2014 at 3:52 PM, Tom Browder <tom.brow...@gmail.com> wrote: > > I have several SSL/TLS-only virtual sites running under Apache 2.4.7. > > I haven't turned on compression because of all the warnings about > > CRIME and BREACH. However, when I run my sites against web site > > analyzers they always suggest turning on compression. > > > > So what is the consensus? > > Ping! Anyone? >
The site that seems authoritative for testing SSL is https://www.ssllabs.com/ssltest/ -- David Benfell <benf...@parts-unknown.org> See https://parts-unknown.org/node/2 if you don't understand the attachment.
pgpBQIAAdUWuE.pgp
Description: PGP signature
