moparisthebest
/
xeps
mirror of https://github.com/moparisthebest/xeps
1
0
Fork 0
Code Issues Releases Wiki Activity

another small text correction

This commit is contained in:
Peter Saint-Andre 2012-12-13 06:42:45 -08:00
parent a82e5efd89
commit ae459a0f7c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
xep-0262.xml
View File

@ -208,7 +208,7 @@ a=zrtp-hash:1.10 fe30efd02423cb054e50efd0248742ac7a52c8f91bc2df881ae642c371ba46d
<section1 topic='Security Considerations' anchor='security'>
<p>Security considerations for ZRTP itself are provided in <cite>RFC 6189</cite>.</p>
<p>XMPP stanzas such as Jingle session-info messages and service discovery exchanges are not encrypted or signed. As a result, it is possible for an attacker to intercept these stanzas and modify them, thus convincing one party that the other party does not support ZRTP and therefore denying the parties an opportunity to use ZRTP. However, because the zrtp-hash is mostly advisory, the parties could still use ZRTP even if the signalling channel is compromised.</p>
<p>XMPP stanzas such as Jingle invite messages and service discovery exchanges are not encrypted or signed. As a result, it is possible for an attacker to intercept these stanzas and modify them, thus convincing one party that the other party does not support ZRTP and therefore denying the parties an opportunity to use ZRTP. However, because the zrtp-hash is mostly advisory, the parties could still use ZRTP even if the signalling channel is compromised.</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>