[Standards] LAST CALL: XEP-0353 (Jingle Message Initiation)

Andrew Nenakhov andrew.nenakhov at redsolution.com
Thu Aug 29 11:24:34 UTC 2019


I might be late to the party. This email was sent by me on August 03 after
changing my email address and resubscribing to this list, but it seems that
I wasn't put through. My points against XEP-0353 in current form still
stand. I obviously missed all conversations here in August, so I might need
to catch up on this though.

сб, 3 авг. 2019 г. в 21:04, Andrew Nenakhov <andrew.nenakhov at redsolution.com
>:

> вт, 30 июл. 2019 г. в 23:42, Jonas Schäfer <jonas at wielicki.name>:
>
>> 1. Is this specification needed to fill gaps in the XMPP protocol
>> stack or to clarify an existing protocol?
>>
>
> Yes.
>
>
>>
>> 2. Does the specification solve the problem stated in the introduction
>> and requirements?
>>
>
> Partially. This specification is not suitable to work with clients that
> rely on push notifications and fetching messages from an archive.
>
> 3. Do you plan to implement this specification in your code? If not,
>> why not?
>>
>
> We have implemented this specification on iOS client, and discovered that
> it is unsuitable in real life scenarios. We have updated it with additional
> callback routine, the changes and stanza format is described here:
>
> https://docs.google.com/document/d/1geR2-VlKkjwqFftstV7O1cYfGqKQy-eEUepgRrge0ow/edit
>
> This modified solution does the job. We have also created a test bot for
> testing automated VoIP calling, bot's address is devbot at dev.xabber.com
> (calling bot works well, receiving calls from bot has some bugs at the
> moment). One may perform calls using preview version
> <https://github.com/redsolution/xabber-ios/wiki/preview> of Xabber for
> iOS (it's under construction at the moment and has quite a number of bugs,
> but VoIP is mostly working by now).
>
> 4. Do you have any security concerns related to this specification?
>>
>
> Yes. Security considerations does not cover the issue of private
> information exposure (IP address) to remote party when taking part in a
> jingle session. This is covered in XEP-0166 Security Considerations though,
> but I think it should make sense that taking part in jingle session not
> only results in a presence leak, but also in disclosure of IP.
>
> 5. Is the specification accurate and clearly written?
>>
>
> Quite clearly.
>
>
-- 
Andrew Nenakhov
CEO, redsolution, OÜ
https://redsolution.com <http://www.redsolution.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20190829/07529f8a/attachment.html>


More information about the Standards mailing list