Peter Saint-Andre wrote:
> On 3/4/09 9:31 AM, Dirk Meyer wrote:
>> At least for e2e streams I need something. For secure audio streams I
>> may not. One idea to make audio streams secure is to start an e2e stream
>> (secure) and negotiate a rtp stream over that connection. In that case
>> you can trust the signaling stream.
>
> Right. So in that case, you would first set up an end-to-end XML stream
> (via draft-meyer-xmpp-e2e-encryption) to establish a secure end-to-end
> XMPP signalling channel. Then once you have that established, you can
> use the secured XMPP channel to exchange the signalling messages needed
> to set up an RTP session (or any other kind of session).
So back to the topic: DTLS-SRP. Do we need it? If we use a secure XML
stream to signal Jingle RTP, we can put the password directly in session
negotiation and no DTLS is needed. Or did I miss something?
Dirk
--
Expert, n.:
Someone who comes from out of town and shows slides.
