XMPP Extensions Editor wrote:
Version 0.5 of XEP-0215 (External Service Discovery) has been released.
Abstract: This document specifies an XMPP protocol extension for discovering
services external to the XMPP network.
Changelog: Added ability to request credentials from a particular service;
incremented the protocol version number to reflect the new feature. (psa)
Diff: http://xmpp.org/extensions/diff/
URL: http://xmpp.org/extensions/xep-0215.html
A suggestion: we need to provide a fallback in the case when a server
doesn't support shared credentials: in that case a client MUST use long
term authentication using its jid/password. This is usefull when there
is single TURN server serving both XMPP and SIP domains or when there is
no way to exchange shared secrets between XMPP and TURN server. In those
cases TURN server may share authentication backend (SQL or whatever)
with XMPP server.
What do you think?
PS. I personally prefer short term credentials because it doesn't
require implementing additional protection from dictionary attacks on
TURN server and protects from using TURN server out of existing XMPP
connection.
--
Regards,
Evgeniy Khramtsov, ProcessOne.
xmpp:[email protected].
