[Standards] XTLS revisited
dmeyer at tzi.de
Mon Dec 15 20:18:48 UTC 2008
Dave Cridland wrote:
> On Mon Dec 15 17:16:19 2008, Dirk Meyer wrote:
>> Yes. The question is: what do we want? Jingle-based allows direct
>> connections with the cost of many additional roundtrips: while XTLS
>> needs 3 roundtrips, Jingle XML streams need at least 7, maybe more
>> depending on the transport.
> Interesting - yes, you've got one RTT for XTLS negotiation, whereas
> it's 3 or so for Jingle (I thought - given that you're saying 3 vs 7
> I might well have missed one).
Jingle XML Streams not only use Jingle, they also use a normal stream
setup similar to client/server communication: one roundtrip for Jingle, at
least one for the transport (IBB) to open the stream. That makes
two. After that we have stream setup, STARTTLS feature negotiation,
TLS itself (2 rt), and a stream restart. That sums up to 7. XTLS needs one rt
for itself + 2 for TLS.
> And I agree that's an issue we should be addressing, since it'll
> affect not only encryption, but file transfer, too.
No, if we used TLS directly on Jingle it would be less.
> Am I the only one who has alarm bells ringing when we're told that
> our flagship protocol for negotiating end-to-end streams isn't
> suitable for negotiating end-to-end streams?
Not suitable for e2e XML streams. For other use cases, incl. TLS over
Jingle without the stream stuff, it is simpler. BTW, adding TLS for any
Jingle stream would also be nice to have.
> I'm sure what *ought* to be better.
Someday I'll find that peer and reset his connection!