Peter Saint-Andre schrieb:
Stream compression is negotiated when you can't set the TLS
compression bit for whatever reason. I'd agree with Ralph that
negotiating this after TLS and before SASL (or jabber:iq:auth) makes
the most sense. So:
1. TLS
2. Stream compression
3. SASL etc. (or jabber:iq:auth)
I think stream compression should be negotiated AFTER doing SASL. The
reason is that some SASL mechanisms can establish an encryption layer.
If SASL encrypts the stream, stream compression would not work anymore.
Negotiating stream compression after doing SASL would result in being
the stream first compressed and encrypted afterwards - which works.
Tot kijk
Matthias
