1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-28 04:02:20 -05:00
This commit is contained in:
stpeter 2011-01-05 11:51:18 -07:00
parent 3bd448c944
commit 7c998460f7

View File

@ -1525,7 +1525,7 @@ PENDING o-----------------------+ |
<p>Mere negotiation of a Jingle session can expose sensitive information about the parties (e.g., IP addresses, or even the full JID of the responder). Care MUST be taken in communicating such information, and end-to-end encryption SHOULD be used if the parties do not trust the intermediate servers or gateways.</p> <p>Mere negotiation of a Jingle session can expose sensitive information about the parties (e.g., IP addresses, or even the full JID of the responder). Care MUST be taken in communicating such information, and end-to-end encryption SHOULD be used if the parties do not trust the intermediate servers or gateways.</p>
</section2> </section2>
<section2 topic='Redirection' anchor='security-redirect'> <section2 topic='Redirection' anchor='security-redirect'>
<p>The 'initiator' and 'responder' attributes can be used to redirect a session from one JID to anther JID (i.e., the 'initiator' or 'responder' attribute might not match the 'from' or 'to' attribute of the sender). An application SHOULD NOT accept the redirection unless the bare JIDs match (i.e., the session is being redirected from one authorized resource to another authorized resource associated with the same account).</p> <p>The 'initiator' and 'responder' attributes can be used to redirect a session from one JID to another JID (i.e., the 'initiator' or 'responder' attribute might not match the 'from' or 'to' attribute of the sender). An application SHOULD NOT accept the redirection unless the bare JIDs match (i.e., the session is being redirected from one authorized resource to another authorized resource associated with the same account).</p>
</section2> </section2>
</section1> </section1>