Justin Karneges wrote:
> On Wednesday 14 January 2009 15:44:51 Dirk Meyer wrote:
>> Peter Saint-Andre wrote:
>> > 1. Initiator sends Jingle session-initiate with offer, including hints
>> > about TLS methods and fingerprints
>> >
>> > 2. Initiator and responder agree on transport and negotiate IBB or
>> > SOCKS5 (or future ICE-TCP) connection
>>
>> I agree up to this point.
>>
>> > 3. Parties start XML stream over negotiated transport (e.g.,
>> > encapsulated in IBB packets)
>> >
>> > 4. Parties upgrade stream using STARTTLS
>> >
>> > 5. If STARTTLS succeeds, the e2e stream is now secured
>>
>> Why not skip all this and fire up the TLS lib after (2)? We know that we
>> want to use TLS, there is no point in doing all this.
>
> Especially if TLS is done as part of Jingle. Funny, we'd get TLS for free
> with Jingle and we'd get TLS for free with XMPP. Which one to use? :)

I prefer Jingle. We can use it for non-XMPP use cases outside c2c XML streams.

> I don't have a problem with either approach, and we may even want to allow
> both to be possible (but not at the same time).

It would be bad if one client supports Jingle, the other XMPP and they could
not open a secure stream because of that.

> - If Jingle TLS is used, then hints/fingerprints (if any) must be offered at
> the Jingle level.
> - If Jingle TLS is not used, but XMPP STARTTLS is, then hints/fingerprints
> (if any) must be offered at the *application* level. That is, inside
> <description/>.

Agreed.

Dirk

-- 
It is impossible to make anything foolproof because fools are so ingenious.
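Whichever layer carries the fingerprint hints (Jingle or the application-level <description/>), the security of the resulting e2e stream depends on the endpoint actually binding the TLS handshake to those hints: the certificate presented by the peer over the negotiated IBB/SOCKS5 transport must hash to an offered fingerprint, otherwise the "free" TLS is only opportunistic. The following is an added example written for this page, not code from the thread or from any XMPP/Jingle implementation. It assumes a hint format of "<hash-name> <HEX:HEX:...>" (an assumption; the thread does not fix one), and the certificate bytes are constructed stand-ins for the DER certificate a real TLS library would hand back after the handshake.

```python
import hashlib
import hmac

# Constructed sample: stands in for the DER-encoded certificate the peer
# presents during the TLS handshake over the negotiated transport.
PEER_CERT_DER = b"\x30\x82\x01\x0a" + bytes(range(256))

# Hash names as they might appear in an offered hint, mapped to hashlib names.
# The hint format "<hash-name> <HEX:HEX:...>" is an assumption of this example.
SUPPORTED_HASHES = {"sha-1": "sha1", "sha-256": "sha256", "sha-512": "sha512"}


def fingerprint(cert_der: bytes, hash_name: str) -> str:
    """Return the colon-separated upper-case hex digest of cert_der."""
    algo = SUPPORTED_HASHES[hash_name]
    digest = hashlib.new(algo, cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def parse_hint(hint: str):
    """Split an offered hint into (hash_name, normalized hex digest).

    Rejects unknown hash names and digests of the wrong length, so a
    malformed or downgraded hint can never be treated as a match.
    """
    parts = hint.strip().split(None, 1)
    if len(parts) != 2:
        raise ValueError("malformed fingerprint hint")
    hash_name, value = parts[0].lower(), parts[1]
    if hash_name not in SUPPORTED_HASHES:
        raise ValueError(f"unsupported hash in hint: {hash_name}")
    hexonly = value.replace(":", "").replace(" ", "").upper()
    expected_len = hashlib.new(SUPPORTED_HASHES[hash_name]).digest_size * 2
    if len(hexonly) != expected_len or any(c not in "0123456789ABCDEF" for c in hexonly):
        raise ValueError("fingerprint hint is not a valid hex digest")
    return hash_name, hexonly


def cert_matches_hint(cert_der: bytes, hint: str) -> bool:
    """True only if the presented certificate hashes to the offered fingerprint."""
    hash_name, expected = parse_hint(hint)
    actual = fingerprint(cert_der, hash_name).replace(":", "")
    # Constant-time comparison; the digests are the same length by construction.
    return hmac.compare_digest(actual.encode(), expected.encode())


def verify_peer(cert_der: bytes, hints: list[str]) -> bool:
    """Accept the TLS peer only if at least one offered hint matches.

    An offer that carried no hints gives nothing to bind the handshake to,
    so it is rejected here; what to do in that case is a policy decision.
    """
    if not hints:
        return False
    return any(cert_matches_hint(cert_der, h) for h in hints)


if __name__ == "__main__":
    offered = ["sha-256 " + fingerprint(PEER_CERT_DER, "sha-256")]
    print("peer accepted:", verify_peer(PEER_CERT_DER, offered))
    print("tampered cert accepted:", verify_peer(PEER_CERT_DER + b"\x00", offered))
```

The check is the same whether the hints travelled in the session-initiate or inside <description/>; the only thing that changes is where the receiving side reads them from before it starts the TLS library on the negotiated transport.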
