Regarding encryption and compression:
- XMPP Core defines TLS encryption, specifically STARTTLS
- XEP-0138  defines Zlib compression
ejabberd currently implements:
But only one of those options can be used at the same time by a client in ejabberd right now.
The current TLS specs allow compression, but it's difficult to implement the required negotiation .
Since the compression feature included in TLS can't be used, the only way is TLS + XEP-0138, as described in XEP-0170. Order of negotiation:
3. Stream compression
4. Resource binding
Feature request reported by Kostix in the ejabberd chatroom.
 From the man page on SSL_COMP_add_compression_method(3) (OpenSSL):
The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.