[Standards] Proposed XMPP Extension: STUNServerDiscovery forJingle
robert.mcqueen at collabora.co.uk
Wed Mar 28 14:23:12 UTC 2007
Peter Saint-Andre wrote:
>> Alternative proposal:
>> - client acquires short-term credentials with XMPP means (plus maybe
>> also the IP address and port of the relay)
> Presumably the XMPP server and the TURN server need to have a shared
> secret or some way of negotiating credential requests.
This doesn't mean the secret needs to be shared on an ongoing basis, the
XMPP server can have something like a private key and sign a timestamp
with it, creating a ticket which the relay server can verify offline
using a public key, without further reference to the XMPP server. My
understanding is that the Google relay stuff works along these lines.
>> To me, this is as simple as the mechanism you described, but
>> with the added bonus that the service provider can use an
>> off-the-shelf TURN server.
> Off-the-shelf is a plus. We don't want to be off in our little XMPP
> ghetto here.
More information about the Standards