On 2/5/13 1:06 AM, Dave Cridland wrote: > > > On 5 Feb 2013 03:26, "Peter Saint-Andre" <[email protected] > <mailto:[email protected]>> wrote: > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 2/3/13 8:57 AM, Dave Cridland wrote: > > > > > > On Feb 3, 2013 3:09 PM, "Salvatore Loreto" > > > <[email protected] <mailto:[email protected]> > > > <mailto:[email protected] > <mailto:[email protected]>>> wrote: > > >> > > >> On 2/3/13 5:03 PM, Dave Cridland wrote: > > >>> > > >>> > > >>> On Feb 3, 2013 3:00 PM, "Salvatore Loreto" > > > <[email protected] <mailto:[email protected]> > > > <mailto:[email protected] > <mailto:[email protected]>>> wrote: > > >>>> maybe it is not explicitly stated in the RFC, but this one of > > >>>> the > > > reason why > > >>>> you have the PING/PONG frame control in WebSocket > > >>> > > >>> Yes, that might reduce the likelihood of sessions dropping, but > > >>> 198 > > > allows a session to survive a drop. > > >> > > >> sure 198 does it, > > >> > > >> we also discussed in HyBi the possibility for WebSocket to > > >> survive to > > > a drop, > > >> but If I remember correctly people raised a lot of browser > > >> security > > > concerns at time > > >> > > > > > > Yes, because having authentication at the WebSocket layer was ruled > > > out. > > > > > > Because XMPP has auth, we get to have secure resumption. > > > > Wow, it sure is handy to have stable identifiers and strong > > authentication, eh? > > > > Yes, it turns out to be useful, much to everyone's surprise. > > Though transient identifiers, such as resources or TLS sessions are > just as good here, as long as they're able to be authenticated. > > > In any case, we wouldn't do this at the WebSocket layer, it would > > happen at the level of the xmpp subprotocol. > > > > Right. XEP-0198 over XMPP over WebSocket. > > As I recall, Lance has plans to add something about this to draft-moffitt-xmpp-over-websocket (which will become draft-ietf-xmpp-websocket or somesuch, if Lance coordinates with the XMPP WG chairs).
Peter
