From: "Michael Ströder" <michael@stroeder.com>
To: galene@lists.galene.org
Subject: [Galene] Re: coturn config
Date: Thu, 7 Jan 2021 13:07:06 +0100 [thread overview]
Message-ID: <43734076-b64d-a4ad-bd44-2e3266aa8d07@stroeder.com> (raw)
In-Reply-To: <87r1n4uv0r.wl-jch@irif.fr>
On 1/1/21 11:55 PM, Juliusz Chroboczek wrote:
>> ...And it turns out that I completely misunderstood how this is supposed
>> to work: there's not supposed to be any communication between the WebRTC
>> server and Coturn. Rather, there's a configured shared secret that the
>> WebRTC server can use to generate as many ephemeral credentials as it
>> wants.
>
> I just pushed an implementation.
> [..]
> In other words, I've kept the standard configuration syntax, just added
> a non-standard value for "credentialType".
>
> Your turnserver.conf should look like this:
>
> use-auth-secret
> static-auth-secret=secret
> realm=trun.example.org
>
> I've done some testing, but I didn't test that it will properly rotate the
> key — please let me know if it survives 24h.
I'm already using this (with git revision d2f7010) since 2+ days. No
issues so far.
How to ensure that it survived key rotation?
Does key rotation affect existing TURN sessions?
Maybe some logging would be good.
Ciao, Michael.
next prev parent reply other threads:[~2021-01-07 12:07 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-27 16:57 [Galene] " Cell
2020-12-27 17:55 ` [Galene] " Toke Høiland-Jørgensen
2020-12-27 18:02 ` Cell
2020-12-27 18:06 ` Cell
2020-12-27 18:16 ` Toke Høiland-Jørgensen
2020-12-27 19:04 ` Juliusz Chroboczek
2020-12-27 19:27 ` Juliusz Chroboczek
2020-12-27 20:32 ` Toke Høiland-Jørgensen
2020-12-27 23:28 ` Juliusz Chroboczek
2020-12-28 1:38 ` Toke Høiland-Jørgensen
2020-12-28 18:49 ` Juliusz Chroboczek
2020-12-28 19:59 ` Toke Høiland-Jørgensen
2020-12-29 1:56 ` Juliusz Chroboczek
2020-12-29 2:09 ` Toke Høiland-Jørgensen
2020-12-29 8:35 ` Michael Ströder
2021-01-01 22:55 ` Juliusz Chroboczek
2021-01-01 23:43 ` Gabriel Kerneis
2021-01-02 0:02 ` Juliusz Chroboczek
2021-01-07 12:07 ` Michael Ströder [this message]
2021-01-07 12:14 ` Toke Høiland-Jørgensen
2021-01-07 12:31 ` [Galene] logging (was: coturn config) Michael Ströder
2021-01-07 13:27 ` [Galene] Re: coturn config Juliusz Chroboczek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43734076-b64d-a4ad-bd44-2e3266aa8d07@stroeder.com \
--to=michael@stroeder.com \
--cc=galene@lists.galene.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox