https://bugzilla.wikimedia.org/show_bug.cgi?id=33890

Roan Kattouw <roan.katt...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |roan.katt...@gmail.com

--- Comment #20 from Roan Kattouw <roan.katt...@gmail.com> ---
(In reply to comment #18)
> @Roan: According to [1] "The nginx web-server was not vulnerable to CRIME
> since
> 1.0.9/1.1.6 (October/November 2011) using OpenSSL 1.0.0+, and since
> 1.2.2/1.3.2
> (June / July 2012) using all versions of OpenSSL". Disabling header
> compression
> sounds like a prudent measure though. Even without header compression SPDY
> saves bandwidth by avoiding re-sending identical headers for each request.
> 
Which I believe is what HTTP 2.0 does too: only send modified headers, but
don't compress their contents.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to