On Wed, Oct 08, 2003, Richard Levitte - VMS Whacker wrote: > In message <[EMAIL PROTECTED]> on Tue, 7 Oct 2003 19:16:59 +0200, "Dr. Stephen > Henson" <[EMAIL PROTECTED]> said: > > steve> On Tue, Oct 07, 2003, Richard Levitte - VMS Whacker wrote: > steve> > steve> > As has been seen in my last few commits, I got a bit obsessed with > steve> > compression. The way it works now, at least in 0.9.8-dev, is > steve> > compliant with draft-ietf-tls-compression-05.txt, as far as I can > steve> > tell. > steve> > steve> Interesting. Is it still stateless or does it retain the > steve> compression state for improved performance? > > It's stateful, as required by that draft. >
I'll have to look at that. I've got some non-blocking zlib BIO code which is probably best reimplemented using the compression method stuff: assuming its flexible enough. > steve> > The only thing that remains is something that itches me quite a bit. > steve> > As soon as SSLv23 is used, we can kiss compression goodbye, even if > steve> > SSLv2 has been disabled. > steve> > > steve> > steve> Maybe one for the TLS mailing list? I can think of ways to do > steve> this such as dummy ciphersuites etc but it would need to be > steve> standardised. > > I think that part is already answered by the following, taken from > appendix E in RFC 2246: > Ah, I'm itcing on a different thing then :-) I was thinking that there should be a way to represent supported compression methods in the v2 client hello. For example RFC2246 appendix E again has a general way of representing a V3 ciphersuite as a V2 one: V2CipherSpec (see TLS name) = { 0x00, CipherSuite }; something like: V2CipherSpec (see TLS name) = { 0xXX, 0xXX, CompressionMethod }; I suspect the reason this hasn't been done is that hardly anyone has implemented compression so far. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]