I want to note here that JEP-0138, Stream Compression, should be done after TLS negotiation. The JEP does not mention that it should also go before SASL but that seems fairly logical.
why before SASL? It seems like the restart of the stream after SASL might be interpreted to supersede the compressed stream.
