Reputation: 25064
I was going through this draft to undertstand usage of REST api to access TURN servics. I am bit confused after going through that.
Currently, I am authenicating my TURN server using Long Term Credential Mechanism with Redis database, but instead of using actual username and password, I am using a authenication token( which expires in 8 hours) and a random string as password.
My doubts about the draft are:
ttl
recieved in the response is never used( at least not part of RTCPeerConnection
). so how exactly is TURN know when to expire the user?turnserver
arguments to specify the timestamp format, ss it is fixed a UNIX timestamp?Upvotes: 2
Views: 965
Reputation: 17360
The timestamp generated by the REST endpoint as part of the username is ttl seconds in the future. So the TTL in the response is just informative.
The advantage of the overall approach is that (assuming time sync which is a solved problem) it requires no communication between the entity that generates the token and the TURN server. When deploying multiple TURN servers around the globe (see later in this I/O 2015 presentation) this is somewhat easier than syncing a redis database.
Upvotes: 2