On March 28, 2018 4:15:02 PM PDT, Peter Eisentraut <peter.eisentr...@2ndquadrant.com> wrote: >On 3/28/18 13:26, Konstantin Knizhnik wrote: >> If SSL compression is deprecated, should we provide own compression? >> I have implemented some prototype implementation of it (patch is >attached). >> I have added compression=on/off parameter to connection string and -Z >> option to psql and pgbench utilities. > >What I'd like to see here is extensive protocol documentation that >describes the compression method negotiation, and the interaction with >SSL, and a test suite to support that. > >Maybe start a new thread.
+analysis of whether that's safe to do from a cryptographic POV. There's a reason compression has been disabled for just about all SSL/TLS libraries. Andres -- Sent from my Android device with K-9 Mail. Please excuse my brevity.