Different compression scheme
Posted Sep 20, 2012 5:45 UTC (Thu) by alonz
In reply to: Different compression scheme
Parent article: CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost)
Another option is to reset the compression state between the headers and payload (I know many compression schemes have a special control code to do this — unfortunately I don't know if SSL/TLS compression does).
to post comments)