aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--xep-0065.xml12
-rw-r--r--xep-0278.xml103
-rw-r--r--xep-0319.xml8
3 files changed, 106 insertions, 17 deletions
diff --git a/xep-0065.xml b/xep-0065.xml
index da8162d..0bf7a29 100644
--- a/xep-0065.xml
+++ b/xep-0065.xml
@@ -315,18 +315,6 @@
]]></example>
<p>If the Proxy is unable to act as a StreamHost, the Proxy MUST return an error to the Requester, which SHOULD be &notallowed;.</p>
<example caption='Proxy is Unable to Act as a StreamHost'><![CDATA[
-<iq from='streamer.example.com'
- id='uj2c15z9'
- to='requester@example.com/foo'
- type='error'>
- <error type='auth'>
- <forbidden
- xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
- </error>
-</iq>
-]]></example>
- <p>If the Proxy is unable to act as a StreamHost, the Proxy MUST return an error to the Requester, which SHOULD be &notallowed;.</p>
- <example caption='Proxy is Unable to Act as a StreamHost'><![CDATA[
<iq from='requester@example.com/foo'
id='uj2c15z9'
to='streamer.example.com'
diff --git a/xep-0278.xml b/xep-0278.xml
index f6e9255..1a678e2 100644
--- a/xep-0278.xml
+++ b/xep-0278.xml
@@ -3,6 +3,8 @@
<!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY CHANNEL "&lt;channel/&gt;">
<!ENTITY RELAY "&lt;relay/&gt;">
+ <!ENTITY STUN "&lt;stun/&gt;">
+ <!ENTITY TURN "&lt;turn/&gt;">
<!ENTITY SERVICES "&lt;services/&gt;">
<!ENTITY TRACKER "&lt;tracker/&gt;">
%ents;
@@ -14,7 +16,7 @@
<abstract>This documents specifies how Jingle Clients can interact with Jingle Relay Nodes Services and how XMPP entities can provide, search and list available Jingle Relay Nodes.</abstract>
&LEGALNOTICE;
<number>0278</number>
- <status>Deferred</status>
+ <status>Experimental</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
@@ -34,6 +36,12 @@
</author>
<revision>
<version>0.2</version>
+ <date>2017-09-14</date>
+ <initials>tc</initials>
+ <remark><p>Added TURN Credentials Service Support.</p></remark>
+ </revision>
+ <revision>
+ <version>0.2</version>
<date>2011-06-21</date>
<initials>tc</initials>
<remark><p>Added STUN Service Tracking Support. Removed Public IP requirement for Relay Service.</p></remark>
@@ -115,6 +123,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
<services xmlns='http://jabber.org/protocol/jinglenodes'>
<relay policy='public' address='montague.lit' protocol='udp'/>
<tracker policy='public' address='capulet.lit' protocol='udp'/>
+ <turn policy='public' address='stun.capulet.lit' protocol='udp'/>
<stun policy='public' address='200.111.111.111' port='3857' protocol='udp'/>
</services>
</iq>
@@ -194,6 +203,34 @@ All signalling, request, response and publishing is done via XMPP, not requiring
]]></example>
<p><em>After receiving the &CHANNEL; the requester MUST send his stream to 'host' and 'localport' pair and send a &CANDIDATE; containing the 'host' and 'remoteport' values.</em></p>
</section2>
+ <section2 topic="Jingle Client Consuming TURN Credentials Service" anchor="clientconsumingturncredentials">
+ <p>A Jingle Client can request volative TURN credentials, to be used in cases where connectivity check is a requirement. Like, for example, WebRTC. The concept and mechanism is quite similar to the RFC draft <link url='https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00'>REST API For Access To TURN Services'.</link></p>
+ <p>TURN provides an access control mechanism described in &rfc5389;, where long-term credentials are provided as part of the TURN protocol. Therefore the credentials provided in this Jingle Nodes mechanism are time-limited, but SHOULD be used as long-term credentials, when authentication against a TURN Server.
+ </p>
+ <p>
+ <em>Note: There is no need to run TURN server or support within a Jingle Relay. This mechanism allows decoupled deployment of distributed TURN Servers, without the requirement of database based authentication. </em>
+ </p>
+ <example caption="TURN Credentials request"><![CDATA[
+<iq from='romeo@montague.lit/orchard'
+ id='uw72g176'
+ to='juliet@capulet.lit/balcony'
+ type='get'>
+ <turn xmlns='http://jabber.org/protocol/jinglenodes#turncredentials' protocol='udp'/>
+</iq>
+]]></example>
+ <example caption="TUNR Credentials Returned by the service"><![CDATA[
+<iq from='juliet@capulet.lit/balcony'
+ id='uw72g176'
+ to='romeo@montague.lit/orchard'
+ type='result'>
+ <turn ttl='60000'
+ uri='turn:200.20.2.10:1984?transport=udp'
+ username='1433895918506:romeocapulet'
+ password='1Dj9XZ5fwvKS6YoQZOoORcFnXaI='
+ />
+</iq>
+]]></example>
+ </section2>
</section1>
<section1 topic="Services Definitions" anchor="servicesdefinition">
<section2 topic="Relay Channel Service" anchor="relaychannelservice">
@@ -293,7 +330,7 @@ All signalling, request, response and publishing is done via XMPP, not requiring
</section3>
</section2>
<section2 topic="Services Element" anchor="def-services">
- <p>The &SERVICES; element MAY be empty or contain &RELAY; and/or &TRACKER; elements.</p>
+ <p>The &SERVICES; element MAY be empty or contain &RELAY;, &STUN; and/or &TRACKER; elements.</p>
<p>The attributes of the &RELAY; and &TRACKER; element are as follows.</p>
<table caption="Attributes of Relay and Tracker Elements">
<tr>
@@ -323,6 +360,48 @@ All signalling, request, response and publishing is done via XMPP, not requiring
</tr>
</table>
</section2>
+<section2 topic="TURN Credentials Service Element" anchor="def-turn-credentials">
+ <p>The attributes of the &TURN; element are as follows.</p>
+ <table caption="Attributes of TURN Elements">
+ <tr>
+ <th>Attribute</th>
+ <th>Definition</th>
+ <th>Inclusion</th>
+ </tr>
+ <tr>
+ <td>ttl</td>
+ <td>The duration in seconds for which the provided credentials are valid.</td>
+ <td>REQUIRED</td>
+ </tr>
+ <tr>
+ <td>uri</td>
+ <td>The TURN Server URI.</td>
+ <td>REQUIRED</td>
+ </tr>
+ <tr>
+ <td>username</td>
+ <td>The username to be used on TURN authentication. THe recommended format is a colon-delimited concatenation of expiration timestamp and the requester bare JID.</td>
+ <td>REQUIRED</td>
+ </tr>
+ <tr>
+ <td>password</td>
+ <td>The ppassword to be used on TURN authentication. Is the result of 'base64(hmac(secret_key, username))'. Where 'secret_key' is shared between the TURN server and entity providing the credentials.</td>
+ <td>REQUIRED</td>
+ </tr>
+ </table>
+ <section3 topic="Ttl Attribute" anchor="def-ttlattribute">
+ <p>The duration in seconds for which the provided credentials are valid. The usual and recommended value is 86400 seconds (one day).</p>
+ </section3>
+ <section3 topic="URI Attribute" anchor="def-uriattribute">
+ <p>The TURN Server URI as described in <link url="https://tools.ietf.org/html/draft-petithuguenin-behave-turn-uris-03">I-D.petithuguenin-behave-turn-uris</link></p>
+ </section3>
+ <section3 topic="Username Attribute" anchor="def-ttlattribute">
+ <p>WebRTC's TURN request uses the 'username' value for its USERNAME and PASSWORD attributes, for the input to the MESSAGE-INTEGRITY hash.</p>
+ </section3>
+ <section3 topic="Password Attribute" anchor="def-ttlattribute">
+ <p>Along with 'username', WebRTC's TURN request uses the 'password' value for its USERNAME and PASSWORD attributes, for the input to the MESSAGE-INTEGRITY hash.</p>
+ </section3>
+</section2>
</section1>
<section1 topic="Determining Support" anchor="support">
<p>To advertise its support for the Jingle Nodes support, when replying to &xep0030; information requests an entity MUST return URNs for any version of this protocol that the entity supports -- e.g., "http://jabber.org/protocol/jinglenodes" for this version&VNOTE;.</p>
@@ -342,8 +421,9 @@ All signalling, request, response and publishing is done via XMPP, not requiring
to='romeo@montague.lit/orchard'
type='result'>
<query xmlns='http://jabber.org/protocol/disco#info'>
- <feature var='http://jabber.org/protocol/jinglenodes'/>
- <feature var='http://jabber.org/protocol/jinglenodes#channel'/>
+ <feature var='http://jabber.org/protocol/jinglenodes'/>
+ <feature var='http://jabber.org/protocol/jinglenodes#channel'/>
+ <feature var='http://jabber.org/protocol/jinglenodes#turncredentials'/>
</query>
</iq>
]]></example>
@@ -356,6 +436,10 @@ All signalling, request, response and publishing is done via XMPP, not requiring
<em>Note: This use case is also similar to a Jingle to SIP Interoperability Service.</em>
</p>
</section2>
+ <section2 topic="Jingle Client that uses WebRTC with TURN required" anchor="webrtcturn">
+ <p>A Jingle Client that uses WebRTC, therefore requiring a TURN Server and its credentials to successfully alocate channels. This specification describes a simple way of discovering TURN Services and retrieving credentials to successfully allocate channels.
+ This also simplifies deployment and distribution of TURN servers, since its stateless authentication does not require connectivity to database authoriztion services.</p>
+ </section2>
<section2 topic="Jingle Client with ICE-UDP Transport with STUN support but no TURN support" anchor="iceudpnoturn">
<p>A Jingle Client with STUN support but no TURN support can use Relay Node Services as the fallback candidate instead of a TURN candidate. For instance, after a connectivity check proccess, none of the direct candidates worked. The Client can use the Relay Node Candidate as the fallback candidate(the lowest priority candidate).</p>
</section2>
@@ -420,6 +504,13 @@ All signalling, request, response and publishing is done via XMPP, not requiring
<xs:attribute name='expire' type='xs:string' use='required'/>
</xs:element>
+ <xs:element name='turn'>
+ <xs:attribute name='ttl' type='xs:string' use='required'/>
+ <xs:attribute name='uri' type='xs:string' use='required'/>
+ <xs:attribute name='username' type='xs:string' use='required'/>
+ <xs:attribute name='password' type='xs:string' use='required'/>
+ </xs:element>
+
<xs:element name='services'>
<xs:complexType>
<xs:sequence>
@@ -435,6 +526,10 @@ All signalling, request, response and publishing is done via XMPP, not requiring
type='serviceElementType'
minOccurs='0'
maxOccurs='unbounded'/>
+ <xs:element name='turn'
+ type='serviceElementType'
+ minOccurs='0'
+ maxOccurs='unbounded'/>
</xs:sequence>
</xs:complexType>
</xs:element>
diff --git a/xep-0319.xml b/xep-0319.xml
index 9fd5cfd..870fc54 100644
--- a/xep-0319.xml
+++ b/xep-0319.xml
@@ -25,6 +25,12 @@
<shortname>idle</shortname>
&tobias;
<revision>
+ <version>1.0.2</version>
+ <date>2017-07-17</date>
+ <initials>egp</initials>
+ <remark><p>Make the schema more precise about a date being a xs:dateTime.</p></remark>
+ </revision>
+ <revision>
<version>1.0.1</version>
<date>2017-05-30</date>
<initials>egp</initials>
@@ -104,7 +110,7 @@
<xs:element name="idle">
<xs:complexType>
- <xs:attribute name="since" use="required" type="xs:string"/>
+ <xs:attribute name="since" use="required" type="xs:dateTime"/>
</xs:complexType>
</xs:element>