[Standards] xep-0177 - question about DTLS

Mikael Magnusson mikma264 at gmail.com
Wed Feb 7 18:23:42 UTC 2007

Robin Redeker wrote:

> http://www.xmpp.org/extensions/xep-0177.html
> A question arose when I read section 4.1 (End-to-End Data Encryption):
>    In order to secure the data stream, implementations SHOULD use
>    encryption methods appropriate to the transport method; in the case
>    of UDP, that would include Datagram Transport Layer Security (DTLS)
>    as specified in RFC 4347
> Who is the server and who is the client in those connections?
> Is the server side the initiating entity? And does that mean
> that all clients which are able to init such a transfer have
> to know about DTLS?

Maybe XEP-0117 over DTLS needs something similar to the 'setup' 
attribute used in draft-fischl-mmusic-sdp-dtls-01?

BTW, do you know any fully working open source DTLS library? The DTLS 
implementation in OpenSSL is buggy. I reported a bug in November 2005 
and supplied a patch[1], but it hasn't been fixed yet AFAIK.


[1] http://rt.openssl.org/Ticket/Display.html?id=1245

