moparisthebest/xeps
1
0
Fork 0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-21 16:55:07 -05:00
Code Issues Releases Wiki Activity

clarified handling of SRTP negotiation

Browse Source 
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3079 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Peter Saint-Andre 2009-04-22 20:41:26 +00:00
parent 0348fe003b
commit 0049e182b9
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
xep-0167.xml
View File

@ -589,7 +589,8 @@ delivery-method=inline; configuration=somebase16string;
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:32
session-params:KDR=1;UNENCRYPTED_SRTCP
]]></code>
<p>When the responder receives a session-initiate message containing an &lt;encryption/&gt; element, the responder MUST either (1) accept the offer by denoting one of the &lt;crypto/&gt; elements as acceptable (it does this by mirroring that &lt;crypto/&gt; element in its session acceptance) or (2) reject the offer by sending a session-terminate message with a Jingle reason of &lt;security-error/&gt; (typically with an RTP-specific condition of &lt;invalid-crypto/&gt;).</p>
<p>When the responder receives a session-initiate message containing an &lt;encryption/&gt; element with the 'required' attribute set to TRUE, the responder MUST either (1) accept the offer by denoting one of the &lt;crypto/&gt; elements as acceptable (it does this by mirroring that &lt;crypto/&gt; element in its session acceptance) or (2) reject the offer by sending a session-terminate message with a Jingle reason of &lt;security-error/&gt; (typically with an RTP-specific condition of &lt;invalid-crypto/&gt;).</p>
<p>If the 'required' attribute is set to FALSE (this is the default), depending on personal security policies or client configuration the responder SHOULD accept the offer if possible, but MAY simply proceed without encryption.</p>
<example caption="Responder terminates session because of invalid crypto"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='nv71c396'
@ -625,9 +626,9 @@ delivery-method=inline; configuration=somebase16string;
]]></example>
<p>If the initiator requires encryption but the responder does not include an &lt;encryption/&gt; element in its session acceptance, the initiator MUST terminate the session with a Jingle reason of &lt;security-error/&gt; and an RTP-specific condition of &lt;crypto-required/&gt;.</p>
<example caption="Initiator terminates session because crypto is required"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='nv71c396'
to='romeo@montague.lit/orchard'
<iq from='romeo@montague.lit/orchard'
id='ik3hs615'
to='juliet@capulet.lit/balcony'
type='set'>
<jingle xmlns='urn:xmpp:jingle:1'
action='session-terminate'