Dave Cridland wrote:
> On Sun Jan 11 10:19:26 2009, Dirk Meyer wrote:
>> > The more I read about Jingle, the more I like, and I think that it is
>> > the right tool for the job here.
>>
>> I also like Jingle, but after some thinking, I prefer the stuff I wrote
>> after the comparison. It would be very nice to have a general TLS
>> mechanism directly in Jingle. You will not only get secure communication,
>> you can also get secure file transfer and other use cases are possible
>> as well: secure VNC connections (we all know people we have to help with
>> their computer from time to time) or something like "Back to my Mac".
>>
>
> If security is negotiated as part of Jingle, rather than as part of the
> p2p XMPP session, then we have a powerful tool that can be immediately
> reused for things like authenticated file transfers - which frankly
> seems like a seriously big win.

Agreed.

> None of the reasons for using STARTTLS
> over TCP seem to apply here.
>
> Meanwhile, using Jingle to negotiate the p2p XMPP stream seems to
> provide us with useful flexibility, as new transports become possible.

Right, that's really a one-off to get XMPP encryption going.

>> > Moreover, basic Jingle support will be quite useful for other XMPP
>> > tools we make in the future I suspect, and encouraging library authors
>> > to start adding this is a good thing. E2E encryption is a pretty
>> > compelling reason to implement Jingle, where VoIP maybe isn't (unless
>> > you're specifically wanting to support voice/video chats).
>>
>> Agreed. Jingle is much more than VoIP. And most of the complexity in
>> Jingle implementations comes from VoIP: choosing RTP parameter, codecs,
>> etc. TCP-like streams over Jingle are much simpler.
>
> Well, this is partly because of how complicated the content-descriptions
> are, and partly how complex the transports involved are. In the VOIP
> case, you have, effectively, the worst of both worlds. I suspect that if
> security (ie, privacy, integrity, and authentication) is added into
> Jingle - and I hope it is - then we'll end up with VOIP as the most
> complex case of that too.

So it seems. /me ponders...

Peter

--
Peter Saint-Andre
https://stpeter.im/
