At ekoparty 2012, Thai Duong and Juliano Rizzo announced CRIME, a compression side-channel attack against HTTPS. An attacker with the ability to:
- Inject partial chosen plaintext into a victim's requests - Measure the size of encrypted traffic More info: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/ The appropriate question for this group is: "How vulnerable Google App Engine is when SSL (and GZIP) is/are enabled??" -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/groups/opt_out.
