Clarification about TURN server authentication through REST api

Question

I was going through this draft to undertstand usage of REST api to access TURN servics. I am bit confused after going through that.

Currently, I am authenicating my TURN server using Long Term Credential Mechanism with Redis database, but instead of using actual username and password, I am using a authenication token( which expires in 8 hours) and a random string as password.

My doubts about the draft are:

• the ttl recieved in the response is never used( at least not part of RTCPeerConnection). so how exactly is TURN know when to expire the user?
• I see no option in turnserver arguments to specify the timestamp format, ss it is fixed a UNIX timestamp?
• Does REST api implementation offer any advantage over my implementation( considering the fact the mine doesn't have a dependency on sync between webrtc server and TURN server time)

Answer 1

The timestamp generated by the REST endpoint as part of the username is ttl seconds in the future. So the TTL in the response is just informative.

The advantage of the overall approach is that (assuming time sync which is a solved problem) it requires no communication between the entity that generates the token and the TURN server. When deploying multiple TURN servers around the globe (see later in this I/O 2015 presentation) this is somewhat easier than syncing a redis database.