|
Security and privacy in BEEP are per-session, not per-channel. Thus you couldn't actually do a TLS encrypted request while simultaneously streaming unencrypted images in the same session.
One of the nice things about BEEP is that it takes the "upgrade" approach to TLS usage rather than the "separate port" approach. That means that you don't have to define two ports for BEEP-based protocols; instead, a peer can "tune" an existing connection for privacy - using TLS or a SASL defined mechanism like DIGEST-MD5 - on demand at any time during the session.
|
Previous Message
