[Dovecot] SSL + compression?
Johannes Berg
johannes at sipsolutions.net
Sat Jun 21 01:09:26 EEST 2008
On Fri, 2008-06-20 at 23:04 +0100, Ed W wrote:
> Johannes Berg wrote:
> > > I don't think it does be default. The only what I know is to establish a
> > > compressed SSH tunnel to your server and then access the server over the
> > > tunnel. It will compress and give you an extra layer of encryption.
> > >
> >
> > Umm, no. It will not compress. Think about it, encrypted data is
> > fundamentally not compressible, that's the whole point.
> >
> >
>
> We are way off topic...
:)
> Back to the original question - discount SSH - how do we get
> compression + SSL out of openssl..
I don't think it's possible. OpenSSL says, in the NOTES section of
SSL_COMP_add_compression_method(3):
The TLS standard (or SSLv3) allows the integration of
compression methods into the communication. The TLS RFC does
however not specify compression methods or their corresponding
identifiers, so there is currently no compatible way to
integrate compression with unknown peers. It is therefore
currently not recommended to integrate compression into
applications. Applications for non-public use may agree on
certain compression methods. Using different compression methods
with the same identifier will lead to connection failure.
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/21879112/attachment.bin
More information about the dovecot
mailing list