TLS Compression is dangerous and should be avoided on the public internet. It is disabled by default in OpenSSL 1.1.0 and later, but needs to be explicitly disabled for earlier releases.

From client perspective, we should protect our clients by ensuring SSL_OP_NO_COMPRESSION is set on the client side, making it irrelevant if the server lib supports it or not.

We should check if Secure Transport or Secure Channel needs similar workaround to disable compression