Stream feature negotiation ordering. Was: Re: [jdev] S2S questions - from attribute and version support
Ralph Meijer
jabber.org at ralphm.ik.nu
Tue Jan 10 08:19:52 CST 2006
On Tue, Jan 10, 2006 at 01:57:43PM +0000, Tony Finch wrote:
> On Tue, 10 Jan 2006, Joe Hildebrand wrote:
>
> > > I want to note here that JEP-0138, Stream Compression, should be done
> > > after TLS negotiation. The JEP does not mention that it should also go
> > > before SASL but that seems fairly logical.
> >
> > why before SASL? It seems like the restart of the stream after SASL might be
> > interpreted to supersede the compressed stream.
>
> However the restart of the stream after SASL does not supersede TLS.
Right. I see it as an onion. You wrap your XML Streams in a
authenticated stream that is wrapped in an compressed stream that is
wrapped in a encrypted stream.
Surely it doesn't matter (much) if you compress before or after SASL,
but I suppose compressing as soon as possible gains you at least some
bytes. It also depends on how much traffic is in between establishing
the encryption layer and the point where you can start sending XML
Stanzas. Also note that if you use TLS compression, it is in effect
before SASL authentication.
--
Groetjes,
ralphm
More information about the JDev
mailing list