-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8/25/09 3:47 AM, Evgeniy Khramtsov wrote: > Evgeniy Khramtsov wrote: >> Hello. >> >> I'm thinking of XEP-0215 implementation. In fact, the XEP is very >> simple to implement (at least on server), but that leads to >> configuration overkill. I imagine a system administrator maintaining a >> server with N nodes in a cluster and H virtual hosts. He wants to >> configure a stun, stuns, turn and turns server in external discovery. >> In that case he need to create N*3*H*3*H records in the configuration >> file: a stun and turn takes 3 sections per virtual host (udp, tcp and >> tls) each and requires to configure it on every node. If N=2 and H=2 >> (a cluster of 2 nodes and 2 virtual hosts) he needs to create 72 >> records! Of course a server software may provide a technique to reduce >> the overhead, but that may cause a configuration file complexity. >> >> Personally, I'm interesting in a short-term credentials allocation for >> a TURN server. I think DNS is the right place to discover stun/turn >> services since corresponding specifications provide SRV records for that.
I agree. That's the whole point of SRV records, after all! Right now XEP-0215 is strictly a fallback, as is the jingleinfo protocol used in Google Talk: http://code.google.com/apis/talk/jep_extensions/jingleinfo.html > I think we can move the secret allocation part in a separate request. > Example: > > <iq type='get' > from='[email protected]/globe' > to='shakespeare.lit' > id='all1'> > <secret xmlns='urn:xmpp:extdisco:0' type='turn'/> > </iq> > > <iq type='result' > from='shakespeare.lit' > to='[email protected]/globe' > id='all1'> > <secret xmlns='urn:xmpp:extdisco:0' type='turn' username='jl2er' > password='iowerf324'/> > > > Or something like that. What do you think? Or something like that, yes. I think the requesting entity would need to specify the host for which it wants a secret: <iq type='get' from='[email protected]/globe' to='shakespeare.lit' id='all1'> <cred xmlns='urn:xmpp:extdisco:0' host='relay.shakespeare.lit' type='turn'/> </iq> <iq type='result' from='shakespeare.lit' to='[email protected]/globe' id='all1'> <cred xmlns='urn:xmpp:extdisco:0' host='relay.shakespeare.lit' password='jj929jkj5sadjfj93v3n' type='turn' username='nb78932lkjlskjfdb7g8'/> </iq> Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqpsrwACgkQNL8k5A2w/vwtoQCg3MB+NcbraxOawn82YxX0bF3e r/kAnAqq3bl4NKyViEhG+6f0mfI55SQ7 =klD/ -----END PGP SIGNATURE-----
