[dlitz]

XMPP "when encrypted and compressed" seems fairly pointless; it's insecure.

The CRIME attack demonstrated that compress-then-encrypt fails to provide confidentiality if it mixes confidential data with attacker-controlled data.

[e12e]

CRIME allows for the recovery of certain parts of the cipher text, by sending many requests. I don't see an easy way to use it to apply it to xmpp (or imap).

In https, it is possible to enumerate certain headers, or other predictable data - session cookies in particular. How would you leverage the use of compression to attack xmpp?

[Zash]

Not easy, but it can be applied to XMPP: https://blog.thijsalkema.de/blog/2014/08/07/https-attacks-an...

[e12e]

Interesting. Perhaps digest auth should make a comeback with tls.

[and rate-limiting logins, obviously, as well as 2fa etc]