On Mon 2017-07-31 18:10:39 +0200, Jason A. Donenfeld wrote:
> No, not a chance. Compression is really better left for upper layers.
> I'm not sure I see the value in adding at layer 3. This is an
> especially contentious issue because of the history of complex and
> catastrophic interactions between compression and encryption (such as
> the CRIME and BREACH attacks against TLS).

I just wanted to second this response. Jason's making absolutely the
right choice here, since content-agnostic transports like wireguard have
no way of knowing whether a given stream is a mixture of
confidentiality-sensitive data and attacker-controlled data.

If your application layer knows that certain things can be safely
compressed, it should do the compression itself.

--dkg
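The interaction described in this message, as an added example that is not part of the original thread: when a secret and attacker-chosen bytes share one DEFLATE context, the compressed length depends on the secret's value, and when the application compresses only the non-sensitive part, it does not. The function names and all sample values are constructed for illustration.

```python
import zlib

# Constructed sample values: two secrets of equal length, and one piece of
# attacker-influenced data that happens to repeat SECRET_A.
SECRET_A = b"session=7f3a9c2e5b8d4f1a6c0e9b7d2a4f6c81"
SECRET_B = b"session=e1c45d09ab37f26890cd1e5b73fa0462"
ATTACKER = b"GET /?q=session=7f3a9c2e5b8d4f1a6c0e9b7d2a4f6c81"


def transport_compressed_len(secret: bytes, attacker: bytes) -> int:
    """Content-agnostic layer: it cannot tell the parts apart, so it
    compresses secret and attacker-controlled bytes in one context."""
    return len(zlib.compress(secret + b"\n" + attacker, 9))


def app_compressed_len(secret: bytes, attacker: bytes) -> int:
    """Application layer: it knows which part is sensitive, sends the
    secret uncompressed and compresses only the non-sensitive part."""
    return len(secret) + 1 + len(zlib.compress(attacker, 9))


def length_depends_on_secret(size_fn, attacker, secret_a, secret_b) -> bool:
    """True if two equal-length secrets give different on-wire sizes for
    the same attacker-influenced data. Encryption hides content, not
    length, so any such difference is visible to a network observer."""
    assert len(secret_a) == len(secret_b)
    return size_fn(secret_a, attacker) != size_fn(secret_b, attacker)


if __name__ == "__main__":
    for name, fn in (("transport-level", transport_compressed_len),
                     ("application-level", app_compressed_len)):
        a = fn(SECRET_A, ATTACKER)
        b = fn(SECRET_B, ATTACKER)
        dep = length_depends_on_secret(fn, ATTACKER, SECRET_A, SECRET_B)
        print(f"{name}: {a} vs {b} bytes, depends on secret: {dep}")
```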