1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-21 08:45:04 -05:00
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@1465 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Peter Saint-Andre 2007-12-11 21:52:32 +00:00
parent 9f96e0c99c
commit 4b12413022
2 changed files with 3 additions and 3 deletions

View File

@ -92,8 +92,8 @@
<p>The protocol defined herein enables Jabber entities to negotiate options for specific features. These features could be negotiated between any two endpoints on the Jabber network, such as two clients, a client and a component, two components, a client and a server, or two servers. The protocol is generic enough that it can be used whenever options need to be negotiated between two Jabber entities. For examples, &xep0095;, &xep0096; or &xep0155;.</p>
</section1>
<section1 topic="Protocol Details" anchor='protocol'>
<p>Features are negotiated though the exchange of &IQ; or &MESSAGE; stanzas containing &lt;feature/&gt; child elements qualified by the 'http://jabber.org/protocol/feature-neg' namespace. However, this &lt;feature/&gt; element is simply a wrapper for structured data encapsulated in the &xep0004; protocol. <note>Earlier versions of this document defined a structured data format to handle the feature negotiation workflow; versions later than 0.4 use <cite>Data Forms</cite>, i.e., the 'jabber:x:data' namespace.</note></p>
<p>In order to begin a negotation, the initiator sends an &IQ; stanza of type "get" (or a &MESSAGE; stanza type "normal" - see <cite>Chat Session Negotiation</cite> for examples) to the recipient with a single &lt;feature/&gt; element containing a data form of type "form" which defines the available options for one or more features. Each feature is represented as an x-data "field".</p>
<p>Features are negotiated through the exchange of &IQ; or &MESSAGE; stanzas containing &lt;feature/&gt; child elements qualified by the 'http://jabber.org/protocol/feature-neg' namespace. However, this &lt;feature/&gt; element is simply a wrapper for structured data encapsulated in the &xep0004; protocol. <note>Earlier versions of this document defined a structured data format to handle the feature negotiation workflow; versions later than 0.4 use <cite>Data Forms</cite>, i.e., the 'jabber:x:data' namespace.</note></p>
<p>In order to begin a negotation, the initiator sends an &IQ; stanza of type "get" (or a &MESSAGE; stanza type "normal" - see <cite>Stanza Session Negotiation</cite> for examples) to the recipient with a single &lt;feature/&gt; element containing a data form of type "form" which defines the available options for one or more features. Each feature is represented as an x-data "field".</p>
<p>The recipient SHOULD examine each feature and the values of the options provided. In order to indicate preferred values, the recipient then SHOULD specify one value for each feature and return a data form of type "submit" to the initiator in an &IQ; stanza of type "result" (or a &MESSAGE; stanza type "normal").</p>
<p>The following examples show some likely scenarios for feature negotiation between entities. Further examples can be found in "using protocols", such as <cite>File Transfer</cite>.</p>
<section2 topic="Basic Flow" anchor='protocol-basic'>

View File

@ -368,7 +368,7 @@
<p>Weak pseudo-random number generators (PRNG) enable successful attacks. Implementors MUST use a cryptographically strong PRNG to generate all random numbers (see &rfc1750;).</p>
</section2>
<section2 topic='Storage' anchor='sec-storage'>
<p>If either entity stores a (re-encrypted) transcript of an encrypted session for future consultation then the Perfect Forward Secrecy offered by this protocol is lost. If the negotiated value of the 'otr' <cite>Chat Session Negotiation</cite> field is 'true' the entities MUST NOT store any part of the encrypted session content (not even in encrypted form).</p>
<p>If either entity stores a (re-encrypted) transcript of an encrypted session for future consultation then the Perfect Forward Secrecy offered by this protocol is lost. If the negotiated value of the 'otr' <cite>Stanza Session Negotiation</cite> field is 'true' the entities MUST NOT store any part of the encrypted session content (not even in encrypted form).</p>
</section2>
<section2 topic='Replay Attacks' anchor='sec-replay'>
<p>The block cipher counters maintained implicitly by Alice and Bob (&CsubA; and &CsubB;) prevent stanzas being replayed within any encrypted session. They ensure that the MAC will be different for all stanzas, even if the HMAC key and the content of the stanza are identical.</p>