Stream feature negotiation ordering. Was: Re: [jdev] S2S questions - from attribute and version support

Matthias Wimmer m at
Thu Apr 27 12:34:21 CDT 2006

Peter Saint-Andre schrieb:
> Stream compression is negotiated when you can't set the TLS 
> compression bit for whatever reason. I'd agree with Ralph that 
> negotiating this after TLS and before SASL (or jabber:iq:auth) makes 
> the most sense. So:
> 1. TLS
> 2. Stream compression
> 3. SASL etc. (or jabber:iq:auth)

I think stream compression should be negotiated AFTER doing SASL. The 
reason is that some SASL mechanisms can establish an encryption layer. 
If SASL encrypts the stream, stream compression would not work anymore.
Negotiating stream compression after doing SASL would result in being 
the stream first compressed and encrypted afterwards - which works.

Tot kijk

More information about the JDev mailing list