Project

General

Profile

What is the right sequence of operations for session resumption (XEP-0198)

Igor Khomenko
Added over 4 years ago

With common chat login scenario we have next sequence of operations:

C is a client, S is a server

1
C: sends initial stream header 
S: sends response stream header with stream features

2
C: sends STARTTLS request
S: informs client to proceed with the TLS negotiation

3
C: sends new initial stream header 
S: sends response stream header with stream features requiring SASL negotiation and offering appropriate SASL mechanisms

4
C: sends auth credentials
S: sends success sasl response 

5
C: sends new initial stream header 
S: sends response stream header with stream features

6
C: sends bind resource request
S: sends success on binding

7
C: sends open session request
S: sends success response 

8
C: fetch roster
S: returns roster

9
C: sends initial presence

10
C: sends 'enable stream managements' request
S: sends 'enabled' response  

What is the right sequence of operations for session resumption (XEP-0198)?

Here is some description http://xmpp.org/extensions/xep-0198.html#resumption

Does it mean that we have to skip 6, 7, 8, 9, 10 steps and do session resumption after 5th(auth) step?


Replies (2)

Added by Andrzej Wójcik IoT 1 CloudTigaseTeam over 4 years ago

Yes, in stream resumption you need to skip steps 6-10 and do stream resumption as you are resuming a stream for which steps 6-10 where already done, why steps 1-5 are required to properly secure new connection.

Added by Igor Khomenko over 4 years ago

Thanks Andrzej!

this is what I wanted to hear

    (1-2/2)