[Jingle] SRTP
Peter Saint-Andre
stpeter at stpeter.im
Sun Jul 27 20:39:34 CDT 2008
Robert McQueen wrote:
> Johansson Olle E wrote:
>> There is a huge difference between TLS in XMPP, which is hop to hop
>> protection,
>> and end-to-end security. I want to emphasize the peer2peer part of your
>> statement
>> here :-)
>
> Yeah, XTLS is the current suggested way for a simpler implementation of
> end to end security in XMPP. The idea is that you use Jingle to signal a
> peer to peer XMPP connection (XEP-0247), and then establish TLS over
> that connection with <starttls>. We discussed this a bit over dinner at
> the XMPP summit, I think Peter will follow up with more of the ideas.
Right. But probably not on this list, since that's a security topic, not
(directly) a Jingle topic. :)
>> I am not fully sure, but I think that there are modes of the MIKEY key
>> exchange
>> used for SRTP key exchange in SIP/SDP that doesn't require E2E protection.
>> They may rely on pre-shared keys though.
>>
>> Check RFC 4567 "Key Management Extensions for Session Description
>> Protocol (SDP) and Real Time Streaming Protocol (RTSP)" and
>> RFC3830. Both are, well, not judged as easy-reading material. :-)
>
> I'm happy to leave this to other people to wrangle with. Mostly we just
> need to be able to put some node in our RTP description which encodes
> the same information SDP does when SRTP is in use. I think Diana has the
> definition of that.
OK, cool. :)
/psa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/jingle/attachments/20080727/b68a08de/attachment.bin
More information about the Jingle
mailing list