Craig Ringer <craig@2ndquadrant.com> writes: > Yep... and I'm not sure it's actually doing SSL compression, rather than > compression of the stream *inside* the SSL socket.
Worth noting here is that many/most people have abandoned use of SSL compression because it is now known to render the stream more decryptable. I do not know whether that objection also applies to doing separate compression "inside the socket" as you put it.
Whether or not it does, if it's not actual SSL compression it won't interoperate with PostgreSQL - as you know, PostgreSQL doesn't support data stream compression on the socket.
Some people are trying to use SSL compression as a workaround for this. I think the real answer is probably to just add PostgreSQL protocol-level support for compression, rather than trying to (ab)use SSL for it.