Hi,
On Aug 23, 2008, at 2:28 PM, Jonathan Schleifer wrote:
Am 23.08.2008 um 15:12 schrieb Dirk Meyer:
In that case we need a SOCKS5 proxy or a TURN server. I prefer the
TURN server but we lack ice-tcp support to use it.
I also need the server to help me find a TURN server I can use if I
need one.
Well, I think we shouldn't use Jingle at all for transfering
encrypted messages. It just adds too much complexity IMO and I
don't always want a direct connection. Of course, I could use IBB,
but do we really need Jingle to transfer it in our XMPP stream? The
answer is clearly no. Plus, server admins might block IBB to save
traffic, because they don't want for example Jingle Video traffic
transfered in-band and thus disable Jingle IBB. I'm therefore for
not using Jingle as a transport layer, but have some transport
layer for c2c encryption only.
If you don't use Jingle, you'll have to create yet another
negotiation protocol for encrypted/trusted streams. Also, if you push
the negotiation of encrypted/trusted streams to Jingle, you can use
them for other stuff, like secure file-transfer, secure-
collaboration, etc.
Jingle is a negotiation protocol. If you don't want to use a direct
connection, offer only IBB.
As for anti-IBB servers, well, I can only say that whatever in-band
format you end up with, it will look a lot like IBB in the end. At
least from a stanza-size perspective.
Sure, I understand that IBB can be a problem for some servers, but
that is why current servers have shaping mechanisms.
Arguments about video-over-IBB are not valid in my view. Those who
attempted such idiotic use of in-band resources would be stopped by
the shaping rules. IBB is a must have for fallback purposes, for what
I call "experience reliability": common stuff should always work.
One last point: if a client negotiates a high-bandwidth-protocol over
IBB, I would classify that as a major bug of the client. Common sense
alone should trigger big red flashing lights.
Best regards,
--
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: [EMAIL PROTECTED]
Use XMPP!
