W3C home > Mailing lists > Public > public-webrtc@w3.org > January 2014

Re: RTCIceServer and username

From: Harald Alvestrand <harald@alvestrand.no>
Date: Mon, 06 Jan 2014 22:55:40 +0100
Message-ID: <52CB265C.8020605@alvestrand.no>
To: public-webrtc@w3.org
On 01/06/2014 05:06 PM, Eric Rescorla wrote:
> http://dev.w3.org/2011/webrtc/editor/webrtc.html#dictionary-rtcconfiguration-members
> has:
>
> dictionary RTCIceServer {
>      (DOMString or sequence<DOMString>) urls;
>      DOMString?                         username = null;
>      DOMString?                         credential;
> };
>
> AFAICT, username isn't really optional for TURN servers (RFC 5766 says):
>
>     [RFC5389] specifies an authentication mechanism called the long-term
>     credential mechanism.  TURN servers and clients MUST implement this
>     mechanism.  The server MUST demand that all requests from the client
>     be authenticated using this mechanism, or that a equally strong or
>     stronger mechanism for client authentication is used.
>
> (and username and credential should have the same status in any case).
>
> I suspect we either need two classes (one for TURN and one for STUN)
> or explanatory text saying that you need to provide this for TURN.

Explanatory text seems like the right path to me. Since it contains 
URLs, the syntax doesn't constrain it to be TURN or STUN, and the quoted 
text does seem to make it possible that there will be other ways to do 
this authentication.
Received on Monday, 6 January 2014 21:56:07 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:37 UTC