On Fri, Jan 16, 2009 at 6:01 PM, Justin Karneges <[email protected]> wrote:
> On Friday 16 January 2009 15:39:31 Peter Saint-Andre wrote:
>> For #1, I think we would define a new application type, such as
>> "urn:xmpp:jingle:apps:xtls":
>
> Yes.
>
>> [I don't see a need to negotiate DTLS directly via Jingle, but I suppose
>> that if we need it we would define a different Jingle application type,
>> such as "urn:xmpp:jingle:apps:dtls".]
>
> To be clear, you're not negotiating TLS directly via Jingle here either.
> You're proposing an application type called XTLS, and XTLS would describe
> usage of TLS as part of the protocol flow. I make this distinction because
> there's an open idea on the table right now about offering TLS at the Jingle
> level. More at the end of this mail.
>
>> So we'd need a way to exchange information about the association via
>> Jingle. In DTLS-SRTP you need a separate DTLS-SRTP session for each
>> host/port quartet, but you can share the same *DTLS* session for
>> multiple DTLS-SRTP sessions.
>
> Yes, although it's unclear to me how you're suggesting DTLS be used here. As
> I understand it, DTLS-SRTP requires an existing DTLS session to operate.

I'm not sure what you mean by "existing". DTLS-SRTP is an inband key
management protocol, so you set up a DTLS association inline with the SRTP
channel.

-Ekr
