-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Kirill,
On 5/8/19 23:20, Kirill Ilyukhin wrote:
> This might be a bad idea, but I have exactly the same issue with
> static content (simple index.html file). Also BREACH vulnerability
> implies three conditions, a webapp developer may decide to use
Christopher,
This might be a bad idea, but I have exactly the same issue with static
content (simple index.html file). Also BREACH vulnerability implies three
conditions, a webapp developer may decide to use TLS+gzip because one of
them is not satisfied for a particular service. I suppose servers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Kirill,
Is it a good idea to use TLS+gzip for dynamic services?
http://breachattack.com/
?
- -chris
On 5/8/19 08:27, Kirill Ilyukhin wrote:
> Mark,
>
> Could you please take a closer look to the issue? This happens with
> Safari and native apps
