-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/3/13 8:57 AM, Dave Cridland wrote: > > On Feb 3, 2013 3:09 PM, "Salvatore Loreto" > <[email protected] > <mailto:[email protected]>> wrote: >> >> On 2/3/13 5:03 PM, Dave Cridland wrote: >>> >>> >>> On Feb 3, 2013 3:00 PM, "Salvatore Loreto" > <[email protected] > <mailto:[email protected]>> wrote: >>>> maybe it is not explicitly stated in the RFC, but this one of >>>> the > reason why >>>> you have the PING/PONG frame control in WebSocket >>> >>> Yes, that might reduce the likelihood of sessions dropping, but >>> 198 > allows a session to survive a drop. >> >> sure 198 does it, >> >> we also discussed in HyBi the possibility for WebSocket to >> survive to > a drop, >> but If I remember correctly people raised a lot of browser >> security > concerns at time >> > > Yes, because having authentication at the WebSocket layer was ruled > out. > > Because XMPP has auth, we get to have secure resumption.
Wow, it sure is handy to have stable identifiers and strong authentication, eh? In any case, we wouldn't do this at the WebSocket layer, it would happen at the level of the xmpp subprotocol. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEQN2sACgkQNL8k5A2w/vzWlgCgj1KgQrfVTRoqKIj9ZOVI5cRY T8AAn1AzKi90xdbqqXCC8cvXckZENqrU =/d6M -----END PGP SIGNATURE-----
