On Sat, Mar 9, 2013 at 5:33 PM, Philipp Hancke <[email protected]>wrote:
> Don't use STARTTLS, just multiplex TLS on port 5222 by peek'ing the first > byte (which should be 0x16). jabberd has supported that for ages, it works > quite reliably for TLSv1 client hellos (and slightly less for sslv2) Prosody does that too for HTTP, SSL and SSL if I recall correctly...just wondered what the correct way of doing TLS resumption is. XEP-0198 seems to suggest resumption on STARTTLS, which does feel strange since you'd loose a lot through the extra rount-trips. Although I agree, best would be to just do TLS resumption on the usual XMPP port as advertised via SRV for that domain, which would require the aforementioned port multiplexing. Does jabberd support TLS resumption? If so what client has it been tested against if any at all?
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
