mirror of https://github.com/moparisthebest/xeps
Add section on starting / stopping OTR sessions
This commit is contained in:
parent
cefba6e02c
commit
e1e908464f
44
xep-0364.xml
44
xep-0364.xml
|
@ -223,6 +223,50 @@
|
||||||
</p>
|
</p>
|
||||||
</section2>
|
</section2>
|
||||||
</section1>
|
</section1>
|
||||||
|
<section1 topic='OTR Sessions'>
|
||||||
|
<section2 topic='Starting an OTR session'>
|
||||||
|
<p>
|
||||||
|
Most clients today provide options to automatically start an OTR
|
||||||
|
session, to manually construct a session at the users request, or to
|
||||||
|
always require the use of an OTR session even if the remote client does
|
||||||
|
not support OTR.
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
In the interest of user experience, it is NOT RECOMMENDED to start an
|
||||||
|
OTR session with a previously unseen resource or one for which we do not
|
||||||
|
have OTR keys cached without first discovering if the remote end
|
||||||
|
supports OTR using one of the mechanisms described in the "Discovery"
|
||||||
|
section of this document except in security critical contexts where user
|
||||||
|
experience is not a concern.
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
Instead, it is RECOMMENDED to always allow the user to manually start an
|
||||||
|
OTR session and to indicate that OTR is known to be available when OTR
|
||||||
|
support is discovered by any of the aforementioned mechanisms.
|
||||||
|
</p>
|
||||||
|
</section2>
|
||||||
|
<section2 topic='Ending an OTR session'>
|
||||||
|
<p>
|
||||||
|
It is RECOMMENDED that the lifetime of OTR sessions be limited to the
|
||||||
|
lifetime of the XMPP session in which the OTR session was established.
|
||||||
|
If a resource associated with either end of the OTR session goes offline
|
||||||
|
(a closing stream tag is received, or a fatal stream error occurs), it
|
||||||
|
is RECOMMENDED that the other end terminate the OTR session.
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
When an XMPP session that is hosting an OTR session ends, it is
|
||||||
|
RECOMMENDED that XMPP session be completely torn down before the
|
||||||
|
associated OTR session is ended. For instance, when receiving a closing
|
||||||
|
stream tag, clients should send their own closing stream tag (as
|
||||||
|
specified in &rfc6120;), close the underlying TCP connection (or
|
||||||
|
connections), and then terminate the OTR session in that order. This
|
||||||
|
prevents a race condition in some clients that attempt to automatically
|
||||||
|
establish an OTR session where the OTR session is torn down and then
|
||||||
|
re-established by an incomming message before the XMPP session can be
|
||||||
|
closed.
|
||||||
|
</p>
|
||||||
|
</section2>
|
||||||
|
</section1>
|
||||||
<section1 topic='Use in XMPP URIs'>
|
<section1 topic='Use in XMPP URIs'>
|
||||||
<p>
|
<p>
|
||||||
&rfc5122; defines a Uniform Resource Identifier (URI) and
|
&rfc5122; defines a Uniform Resource Identifier (URI) and
|
||||||
|
|
Loading…
Reference in New Issue