[Standards] XEP-0138 vs. TLS compression

Tomasz Sterna tomek at xiaoka.com
Tue Aug 28 20:13:03 UTC 2007


While implementing XEP-0138 for jabberd2 I have discovered the following
note:

http://www.openssl.org/docs/ssl/SSL_COMP_add_compression_method.html

NOTES
The TLS standard (or SSLv3) allows the integration of compression
methods into the communication. The TLS RFC does however not specify
compression methods or their corresponding identifiers, so there is
currently no compatible way to integrate compression with unknown peers.
It is therefore currently not recommended to integrate compression into
applications. [...]


This makes all our notes about using TLS compression and the order of
TLS and XEP-0138 at least questionable, don't it?

-- 
Tomasz Sterna
Xiaoka.com  http://www.xiaoka.com/




More information about the Standards mailing list