On November 27, 2002 03:24 pm, Kenneth R. Robinette wrote: > Um, well that's one approach. But its a little like saying "Lets let > SSL/TLS take care of agreeing on a cipher type, and then leave it up to > the user application to take care of the actual encryption/decrytion. > I would rather see the most commonly used methods inplemented within > SSL/TLS itself.
If the SSL/TLS implementation is doing the (de)compression I don't see what your point is. Ie. with this compression method negotiated by the client and server, the SSL/TLS would still be responsible for handling compression - it would just handle it on the application data before applying the SSL/TLS framing rather than compressing data inside it. From the application point of view, there's no need to implement anything. Did you misunderstand me or vice versa? Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]