[Standards] Proposed XMPP Extension: STUNServerDiscovery forJingle

Thiago Camargo thiago at jivesoftware.com
Sun Mar 25 17:39:43 UTC 2007


Yes, OpenFire now can act as a STUN Server, but not as a TURN Server. 

"While there are no security problems with Binding requests, publically available 
TURN servers can be used by non-xmpp software as anonymous proxies."

That's exactly what we are trying to prevent using XMPP Server to negotiate Relay Sessions for clients. In other words, clients don't have direct access to request a Relay Session from Relay Server.
User should ask a relay Session from its XMPP Server and receive everything it needs directly from XMPP Server. In this case XMPP Server should authenticate and allocate a relay session in a Relay Server, and send all the information like IP Addresses, port numbers, and password to clients.

Regards,
Thiago
 
-----Original Message-----
From: standards-bounces at xmpp.org [mailto:standards-bounces at xmpp.org] On Behalf Of Matt Tucker
Sent: domingo, 25 de março de 2007 11:44
To: XMPP Extension Discussion List
Subject: RE: [Standards] Proposed XMPP Extension: STUNServerDiscovery forJingle

I didn't propose a public TURN server. Yes, that would be a crazy idea.
:) STUN is a somewhat special case because it requires two public IP
addresses from the server. Openfire can now act as a STUN server, but
the two IP address requirement makes that a bit of a setup burden.

Regards,
Matt

> -----Original Message-----
> From: standards-bounces at xmpp.org 
> [mailto:standards-bounces at xmpp.org] On Behalf Of Evgeniy Khramtsov
> Sent: Sunday, March 25, 2007 1:47 AM
> To: XMPP Extension Discussion List
> Subject: Re: [Standards] Proposed XMPP Extension: STUN 
> ServerDiscovery forJingle
> 
> Matt Tucker wrotes:
> 
> > * Should we run a public STUN server at xmpp.org
> >
> 
> I think this is not a good idea :) While there are no 
> security problems with Binding requests, publically available 
> TURN servers can be used by non-xmpp software as anonymous proxies.
> 



More information about the Standards mailing list