[Jingle] Negotiation of SRTP in XEP-0167

Peter Saint-Andre stpeter at stpeter.im
Wed Apr 22 15:40:34 CDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 4/22/09 11:34 AM, Paul Witty wrote:
> XEP-0167 states:
> "When the responder receives a session-initiate message containing an
> <encryption/> element, the responder MUST either (1) accept the offer by
> denoting one of the <crypto/> elements as acceptable (it does this by
> mirroring that <crypto/> element in its session acceptance) or (2)
> reject the offer by sending a session-terminate message with a Jingle
> reason of <security-error/> (typically with an RTP-specific condition of
> <invalid-crypto/>)."
> However, this is only true when encryption is required, as otherwise it
> also has the option of responding without any encryption.

Good point. How is this?

***

When the responder receives a session-initiate message containing an
<encryption/> element with the 'required' attribute set to TRUE, the
responder MUST either (1) accept the offer by denoting one of the
<crypto/> elements as acceptable (it does this by mirroring that
<crypto/> element in its session acceptance) or (2) reject the offer by
sending a session-terminate message with a Jingle reason of
<security-error/> (typically with an RTP-specific condition of
<invalid-crypto/>).

If the 'required' attribute is set to FALSE (this is the default),
depending on personal security policies or client configuration the
responder SHOULD accept the offer if possible, but MAY simply proceed
without encryption.

***

> Additionally, example 7 looks to be a copy of example 6, when it should
> be a message in the other direction (from romeo at montague.lit/orchard to
> juliet at capulet.lit/balcony).

Fixed.

Peter

- --
Peter Saint-Andre
https://stpeter.im/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAknvgMIACgkQNL8k5A2w/vzUNgCePXbLgmg/wDyXxlBfPn4PpCm3
fKgAoN3fgs+Vcg8/KQIKExECgCnE43m6
=GLa3
-----END PGP SIGNATURE-----


More information about the Jingle mailing list