Specifications
Compression Techniques (IPComp)
94 AVM Access Server – 5 AVM Access Server Concepts and Functional Principles
In this case, the digital signature is considered to be valid.
A certificate is valid if the following conditions are met:
The certificate was issued by a certification authority that the AVM
Access Server trusts. In other words, the certification authority’s
root certificate must be present in the AVM Access Server.
The certification authority’s digital signature must be valid. The
AVM Access Server can verify this using the certification authori-
ty’s root certificate. The digital signature is a hash fingerprint of
the certificate encrypted with the secret key of the root certificate.
The certificate has not expired.
The certificate has not been revoked. In other words, it is not list-
ed in the issuing certification authority’s revocation list.
Compression Techniques (IPComp)
Encrypted data cannot be compressed. This is because compression
techniques generally take advantage of repetition within a data string.
When a repetition is found, the encryption algorithm substitutes a
symbolic reference to the first occurrence. A good encryption algorithm
produces a seemingly random string, however—that is, one containing
few repetitions. (Otherwise it would be relatively easy to decrypt a
message using statistical methods, such as letter frequencies, if the
language used is known.) For this reason, if compression is desired, it
must be applied before encryption is performed. This is done by the IP-
Comp protocol. Three compression methods are possible in IPComp:
Deflate (RFC 2394)
LZS (RFC 3051), also used in Stac compression (RFC 1974)
LZJH (RFC 2395), which corresponds to V.44, used in the modem
protocol V.92
The AVM Access Server implements all three compression methods.