On 13/08/2010 10:50 PM, Bruce Momjian wrote:
I thought all SSL traffic was compressed, unless you turned that off. It is just SSH that is always compressed?
Frankly, I thought all SSL traffic was compressed too, but the reading I've just been doing suggests otherwise. It looks like compression *is* done as part of cyphering and hashing and is used during key exchange etc, but the actual application data being transported isn't compressed. At least, that's how it seems to me from the digging I've just been doing, though I want to look into it more.
AFAIK SSH isn't always compressed. It's only compressed if you pass the "-C" flag, set -o Compression=yes, or add Compression=yes to .ssh/config or /etc/ssh/ssh_config .
I'll admit being surprised, as it's widely stated that crypto is much stronger if the data to be protected is compressed first. I guess the CPU costs are significant enough that it's not widely done for bulk data, though, only for the critical parts like negotiating and exchanging the session key.
-- Craig Ringer -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
