Welcome! Log In Create A New Profile

Advanced

Re: What about BREACH (CVE-2013-3587)?

J.R.
February 04, 2020 03:46PM
> testssl.ch still laments about BREACH, when tested against a recent
> nginx 1.16.
>
> Qualys ssllabs doesn't mention it at all.
>
> Is it fixed?
>
> Can you safely enable gzip on ssl-vhosts?

I think you are confusing TLS compression with HTTP compression...
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

What about BREACH (CVE-2013-3587)?

Anonymous User February 04, 2020 11:18AM

Re: What about BREACH (CVE-2013-3587)?

J.R. February 04, 2020 03:46PM

Re: What about BREACH (CVE-2013-3587)?

Rainer Duffner February 04, 2020 04:36PM

Re: What about BREACH (CVE-2013-3587)?

Frank Liu February 04, 2020 05:46PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 97
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready