(This issue is inherited from upstream feature request Siskin IM tigase/siskin-im#218)
Describe the solution you'd like
Snikket iOS supports OMEMO messaging and allows the user to mark another user's OMEMO fingerprint as trusted. This allows the user to know that messages and HTTP attachments are between trusted devices.
However, when jingle A/V calls are performed between two users with trusted OMEMO fingerprints, call setup provides no assurance that the DTLS fingerprints are authenticated by an OMEMO-trusted device.
Describe alternatives you've considered
N/A. The above spec is self-described as an incomplete solution:
... we are still a long road away from having OMEMO 0.5+ in general and any implementational experience with SCE for IQ based protocols in particular. The protocol proposed here is a hack that is hopefully not too dirty.
Therefore it is understandable if it may not be worth the effort, though other non-Conversations forks (like Dino) have implemented this protocol.
(This issue is inherited from upstream feature request Siskin IM tigase/siskin-im#218)
Describe the solution you'd like Snikket iOS supports OMEMO messaging and allows the user to mark another user's OMEMO fingerprint as trusted. This allows the user to know that messages and HTTP attachments are between trusted devices.
However, when jingle A/V calls are performed between two users with trusted OMEMO fingerprints, call setup provides no assurance that the DTLS fingerprints are authenticated by an OMEMO-trusted device.
I have not seen it mentioned searching previous issues, but this issue is to request the feasibility of implementing Conversations' http://gultsch.de/xmpp/drafts/omemo/dlts-srtp-verification.
Describe alternatives you've considered N/A. The above spec is self-described as an incomplete solution:
Therefore it is understandable if it may not be worth the effort, though other non-Conversations forks (like Dino) have implemented this protocol.
Additional context Using: Snikket version 1.2