[Standards] LAST CALL: XEP-0353 (Jingle Message Initiation)
andrew.nenakhov at redsolution.com
Thu Aug 29 11:24:34 UTC 2019
I might be late to the party. This email was sent by me on August 03 after
changing my email address and resubscribing to this list, but it seems that
I wasn't put through. My points against XEP-0353 in current form still
stand. I obviously missed all conversations here in August, so I might need
to catch up on this though.
сб, 3 авг. 2019 г. в 21:04, Andrew Nenakhov <andrew.nenakhov at redsolution.com
> вт, 30 июл. 2019 г. в 23:42, Jonas Schäfer <jonas at wielicki.name>:
>> 1. Is this specification needed to fill gaps in the XMPP protocol
>> stack or to clarify an existing protocol?
>> 2. Does the specification solve the problem stated in the introduction
>> and requirements?
> Partially. This specification is not suitable to work with clients that
> rely on push notifications and fetching messages from an archive.
> 3. Do you plan to implement this specification in your code? If not,
>> why not?
> We have implemented this specification on iOS client, and discovered that
> it is unsuitable in real life scenarios. We have updated it with additional
> callback routine, the changes and stanza format is described here:
> This modified solution does the job. We have also created a test bot for
> testing automated VoIP calling, bot's address is devbot at dev.xabber.com
> (calling bot works well, receiving calls from bot has some bugs at the
> moment). One may perform calls using preview version
> <https://github.com/redsolution/xabber-ios/wiki/preview> of Xabber for
> iOS (it's under construction at the moment and has quite a number of bugs,
> but VoIP is mostly working by now).
> 4. Do you have any security concerns related to this specification?
> Yes. Security considerations does not cover the issue of private
> information exposure (IP address) to remote party when taking part in a
> jingle session. This is covered in XEP-0166 Security Considerations though,
> but I think it should make sense that taking part in jingle session not
> only results in a presence leak, but also in disclosure of IP.
> 5. Is the specification accurate and clearly written?
> Quite clearly.
CEO, redsolution, OÜ
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Standards