[Security] XEP-0166, XEP-0167, XTLS - crypto and other stories.
justin at affinix.com
Fri Dec 19 21:50:09 CST 2008
On Friday 19 December 2008 11:47:15 Dirk Meyer wrote:
> Justin Karneges wrote:
> > I think you can use a crypto layer in any application unless the
> > application says otherwise (e.g. if the application has its own mechanism
> > instead).
>
> Sorry, my fault. I mean you can not use _every_ crypto layer in any
> application, just like you can not use every transport. E.g. file
> transfer and SRTP is not possible, similar to file transfer and ICE-UDP.

My suggestion is that SRTP shouldn't count as a "Jingle crypto layer". SRTP
would be an application detail of Jingle RTP. There would only be two Jingle
crypto layers: TLS and DTLS.

This keeps the definition of a Jingle crypto layer simple: it's one that is
compatible with the underlying transport, and that works for any application
compatible with that transport. In other words, the usage of the crypto
layer does not modify the properties of the transport.

If we consider SRTP to be a "Jingle crypto layer" then we have to make our
definition more complex by defining compatible application types or
introducing new transport types. For example: ICE-UDP produces an unreliable
transport, Jingle SRTP consumes a reliable or unreliable transport and
produces an RTP transport, Jingle RTP consumes a reliable, unreliable, or RTP
transport. Mess. :)

My proposal does the least rocking of the boat.