[Jingle] Negotiation of SRTP in XEP-0167

Justin Karneges justin at affinix.com
Wed May 6 12:47:58 CDT 2009


On Wednesday 06 May 2009 10:37:07 Peter Saint-Andre wrote:
> On 4/23/09 1:04 PM, Peter Saint-Andre wrote:
> ***
>
> When the responder receives a session-initiate message containing an
> <encryption/> element, the responder MUST do one of the following:
>
>    1. Attempt to proceed with an encrypted session by including the
> acceptable credentials (i.e., the relevant <crypto/> element) in its
> session-accept message.
>    2. Attempt to proceed with an unencrypted session by not including
> any <crypto/> element in its session-accept message (it is up to the
> initiator to reject this attempt if desired).
>    3. Reject the initiator's offer by sending a session-terminate
> message with a Jingle reason of <security-error/> (typically with an
> RTP-specific condition of <invalid-crypto/>).
>
> Which of these the responder does is a matter of personal security
> policies or client configuration.
>
> ***

Looks good.


More information about the Jingle mailing list