On 03.04.15 21:53, Salz, Rich wrote:
> But on a larger scale, does anyone use TLS compression? It has
> certainly caused problems with HTTP (see
> http://en.wikipedia.org/wiki/CRIME). And the best practice these days is
> to do it at the application layer, and feed the compressed bytes down to
> TLS.

How about at least implementing the length hiding mitigation suggested by the BREACH paper
http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf
by randomly interspersing flush commands into the data stream (description and example implementation https://github.com/wnyc/breach_buster)?

It's not perfect but for some use cases better than having no compression at all.
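
The random-flush idea from the message above, sketched with Python's zlib as an added example (not code from the e-mail, from OpenSSL or from breach_buster). The function name, the `mean_gap` parameter and the sample body are assumptions made for illustration.

```python
import secrets
import zlib

# Constructed sample response body containing a secret next to repetitive markup.
SAMPLE_BODY = (
    b'<html><body><form><input type="hidden" name="csrf" '
    b'value="CONSTRUCTED-TOKEN-0123456789"></form>'
    + b"<p>row of repetitive page content</p>" * 60
    + b"</body></html>"
)


def compress_with_random_flushes(data: bytes, mean_gap: int = 64) -> bytes:
    """Deflate `data`, forcing a Z_SYNC_FLUSH after randomly sized chunks.

    Each sync flush ends the current deflate block and emits an empty stored
    block, so the output grows by a few bytes per flush. Because the chunk
    sizes come from a CSPRNG, the total length differs from call to call
    while the decompressed plaintext stays identical.
    """
    if mean_gap < 1:
        raise ValueError("mean_gap must be >= 1")
    comp = zlib.compressobj(9)
    out = []
    pos = 0
    while pos < len(data):
        step = 1 + secrets.randbelow(2 * mean_gap)  # 1 .. 2*mean_gap bytes
        out.append(comp.compress(data[pos:pos + step]))
        out.append(comp.flush(zlib.Z_SYNC_FLUSH))
        pos += step
    out.append(comp.flush(zlib.Z_FINISH))
    return b"".join(out)


def length_spread(data: bytes, runs: int = 50) -> tuple:
    """Return (min, max) compressed length seen over `runs` compressions."""
    lengths = [len(compress_with_random_flushes(data)) for _ in range(runs)]
    return min(lengths), max(lengths)


if __name__ == "__main__":
    plain = len(zlib.compress(SAMPLE_BODY, 9))
    low, high = length_spread(SAMPLE_BODY)
    print(f"plain deflate: {plain} bytes every time")
    print(f"random flushes: between {low} and {high} bytes")
```

The added length is noise on top of the true compressed size, so it raises the number of observations needed to measure that size rather than removing the signal, which matches the "not perfect" caveat in the message.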