On Mon, 16 Jan 2017 18:06:40 -0600 William A Rowe Jr <[email protected]> wrote:
> If so, maybe we teach both to step out of the way when SSL encryption > filters are in place? This would make no sense. Brotli is only supported over HTTPS by browsers. Compression-based attacks are a tricky problem, however someone has yet to show that they are abused in practice. But preventing deployment of a new compression algorithm doesn't help. You'd have to disable compression altogether to avoid them. -- Hanno Böck https://hboeck.de/ mail/jabber: [email protected] GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
