[Jingle] SRTP

Peter Saint-Andre stpeter at stpeter.im
Sun Jul 27 20:39:34 CDT 2008


Robert McQueen wrote:
> Johansson Olle E wrote:
>> There is a huge difference between TLS in XMPP, which is hop to hop
>> protection,
>> and end-to-end security. I want to emphasize the peer2peer part of your
>> statement
>> here :-)
> 
> Yeah, XTLS is the current suggested way for a simpler implementation of
> end to end security in XMPP. The idea is that you use Jingle to signal a
> peer to peer XMPP connection (XEP-0247), and then establish TLS over
> that connection with <starttls>. We discussed this a bit over dinner at
> the XMPP summit, I think Peter will follow up with more of the ideas.

Right. But probably not on this list, since that's a security topic, not 
(directly) a Jingle topic. :)

>> I am not fully sure, but I think that there are modes of the MIKEY key
>> exchange
>> used for SRTP key exchange in SIP/SDP that doesn't require E2E protection.
>> They may rely on pre-shared keys though.
>>
>> Check RFC 4567 "Key Management Extensions for Session Description
>> Protocol (SDP) and Real Time Streaming Protocol (RTSP)" and
>> RFC3830. Both are, well, not judged as easy-reading material. :-)
> 
> I'm happy to leave this to other people to wrangle with. Mostly we just
> need to be able to put some node in our RTP description which encodes
> the same information SDP does when SRTP is in use. I think Diana has the
> definition of that.

OK, cool. :)

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/jingle/attachments/20080727/b68a08de/attachment.bin 


More information about the Jingle mailing list