Page MenuHome GnuPG
Create Task
Maniphest T6001

Drop compression support in ntbtls
Closed, InvalidPublic
Actions

Description

TLS compression is insecure (CRIME attack), so ntbtls should drop support for it.

Details

External Link
https://en.wikipedia.org/wiki/CRIME

Event Timeline

DemiMarie created this task.May 23 2022, 5:51 PM
DemiMarie created this object in space S1 Public.
DemiMarie created this object with edit policy "Custom Policy".
werner closed this task as Invalid.May 23 2022, 10:54 PM
werner added a subscriber: werner.

ntbltls does not implement compression:

/* ret = deflate (&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH); */
ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);

;-)