Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That's true, and you shouldn't support TLS compression anyway (to resolve attacks like CRIME).

You should also set SSL_MODE_RELEASE_BUFFERS to reclaim memory from idle SSL connections.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: