[Standards] XEP-0138 vs. TLS compression
stpeter at stpeter.im
Tue Aug 28 22:01:07 UTC 2007
Tomasz Sterna wrote:
> While implementing XEP-0138 for jabberd2 I have discovered the following
> The TLS standard (or SSLv3) allows the integration of compression
> methods into the communication. The TLS RFC does however not specify
> compression methods or their corresponding identifiers, so there is
> currently no compatible way to integrate compression with unknown peers.
> It is therefore currently not recommended to integrate compression into
> applications. [...]
> This makes all our notes about using TLS compression and the order of
> TLS and XEP-0138 at least questionable, don't it?
I don't think it invalidates our recommendation to do TLS, then SASL,
then compression. However, if the server implementation doesn't have
compression support in its underlying TLS library then it should offer
and allow stream compression via XEP-0138.
Or so it seems to me.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards