Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: nodejs/node-v0.x-archive
base: 8803aa3af703
Choose a base ref
...
head repository: nodejs/node-v0.x-archive
compare: 8a79cca80cd3
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Dec 15, 2013

  1. crypto: comment change on disabling compression 

    This is a comment change, where it originally says disabling TLS
Compression protects against BEAST attack. But in fact, it is the
CRIME attack(Compression Ratio Info-leak Made Easy) that makes use
of TLS Compression and not BEAST.

BEAST(Browser Exploit Against SSL/TLS) is an entirely another variant
making use of the chosen boundary attack against CBC mode in
encryption.

Just making sure, that the exact reason for disabling TLS compression
must be made clear and not be misleading with some other attack.
    @skepticfx @indutny
    skepticfx authored and indutny committed Dec 15, 2013
    Copy the full SHA
    8a79cca View commit details
    Browse the repository at this point in the history