On Sun Jan 11 10:19:26 2009, Dirk Meyer wrote:
> The more I read about Jingle, the more I like, and I think that
it is
> the right tool for the job here.
I also like Jingle, but after some thinking, I prefer the stuff I
wrote
after the comparison. It would be very nice to have a general TLS
mechanism directy in Jingle. You will not only get secure
communication,
you can also get secure file transfer and other use cases are
possible
as well: secure VNC connections (we all know people we have to help
with
their computer from time to time) or something like "Back to my
Mac".
If security is negotiated as part of Jingle, rather than as part of
the p2p XMPP session, then we have a powerful tool that can be
immediately reused for things like authenticated file transfers -
which frankly seems like a seriously big win. None of the reasons for
using STARTTLS over TCP seem to apply here.
Meanwhile, using Jingle to negotiate the p2p XMPP stream seems to
provide us with useful flexibility, as new transports become possible.
> Moreover, basic Jingle support will be quite useful for other XMPP
> tools we make in the future I suspect, and encouraging library
authors
> to start adding this is a good thing. E2E encryption is a pretty
> compelling reason to implement Jingle, where VoIP maybe isn't
(unless
> you're specifically wanting to support voice/video chats).
Agreed. Jingle is much more than VoIP. And most of the complexity in
Jingle implementations comes from VoIP: choosing RTP parameter,
codecs,
etc. TCP-like streams over Jingle are much simpler.
Well, this is partly because of how complicated the
content-descriptions are, and partly how complex the transports
involved are. In the VOIP case, you have, effectively, the worst of
both worlds. I suspect that if security (ie, privacy, integrity, and
authentication) is added into Jingle - and I hope it is - then we'll
end up with VOIP as the most complex case of that too.
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
