Peter Saint-Andre wrote:
> 1. The a=fingerprint line specifies the hashing algorithm used, whereas
> the XTLS <fingerprint/> element does not. We could easily add an 'algo'
> attribute to the <fingerprint/> element.
I also got feedback that we missed that. We should add it in -01
> 2. The XTLS <security/> element enables a party to provide a hint about
> which TLS methods might be used (e.g., "x509" or "srp"), whereas no SDP
> methods are defined for that functionality. I could work with the
> authors of DTLS-SRTP to include something along these lines.
How do they solve the problem of bootstrapping trust? We could force
x509 if we talk to SIP clients, e.g. a SIP client will always support
this methid and has no fallback. I know, that sucks.
Dirk
--
Hanson's Treatment of Time:
There are never enough hours in a day, but always too many days
before Saturday.
