| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org,Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>,Konstantin Knizhnik <k(dot)knizhnik(at)postgrespro(dot)ru> |
| Subject: | Re: disable SSL compression? |
| Date: | 2018-03-28 23:16:52 |
| Message-ID: | 39713CBC-3997-480A-88D2-84A0CBF7693A@anarazel.de |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On March 28, 2018 4:15:02 PM PDT, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
>On 3/28/18 13:26, Konstantin Knizhnik wrote:
>> If SSL compression is deprecated, should we provide own compression?
>> I have implemented some prototype implementation of it (patch is
>attached).
>> I have added compression=on/off parameter to connection string and -Z
>> option to psql and pgbench utilities.
>
>What I'd like to see here is extensive protocol documentation that
>describes the compression method negotiation, and the interaction with
>SSL, and a test suite to support that.
>
>Maybe start a new thread.
+analysis of whether that's safe to do from a cryptographic POV. There's a reason compression has been disabled for just about all SSL/TLS libraries.
Andres
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Isaac Morland | 2018-03-28 23:19:43 | Re: csv format for psql |
| Previous Message | Peter Eisentraut | 2018-03-28 23:16:20 | Re: committing inside cursor loop |