On Feb 3, 2013 3:09 PM, "Salvatore Loreto" <[email protected]> wrote: > > On 2/3/13 5:03 PM, Dave Cridland wrote: >> >> >> On Feb 3, 2013 3:00 PM, "Salvatore Loreto" <[email protected]> wrote: >> > maybe it is not explicitly stated in the RFC, but this one of the reason why >> > you have the PING/PONG frame control in WebSocket >> >> Yes, that might reduce the likelihood of sessions dropping, but 198 allows a session to survive a drop. > > sure 198 does it, > > we also discussed in HyBi the possibility for WebSocket to survive to a drop, > but If I remember correctly people raised a lot of browser security concerns at time >
Yes, because having authentication at the WebSocket layer was ruled out. Because XMPP has auth, we get to have secure resumption. >
