Turn server documentation - edge case involving Kurento and lt-cred-mech #138
Conversation
|
If you don't want this PR to be merged yet, please turn it into a draft pull request . |
Our friends from Kurento say:
|
Note that now I've refreshed the different mechanisms available in Coturn and concluded that I was a bit mistaken by saying "more advanced credential mechanisms", because what I really meant was "non-static password for the long-term credential mechanism": Kurento/bugtracker#461 (comment) The other alternative credential mechanism offered by Coturn, the "REST-based authentication secret" ( |
|
Hi! I found this while searching for some other Coturn-related matters, so I thought I'd make a quick comment that might help you resolve this. This PR's change says:
Kurento does not require the "lt-cred-mech" authentication mechanism; it provides Client API methods to allow the Application dynamically managing the credentials, obtain a TURN user and password, and apply them to each individual WebRtcEndpoint. All this confusion was caused by very poorly worded docs, in part derived from the people who originally wrote the docs not totally understanding how Coturn works, and me not being up to speed in that matter too after a while later. Kurento docs now are much clearer in stating that the static config shown is just an example, and in production deployments a dynamic method is probably better for security: https://doc-kurento.readthedocs.io/en/latest/user/faq.html#how-to-install-coturn This probably also helps solving any confusion that there might be in bigbluebutton/bbb-install#157 |
|
Closing this issue as according to the Kurento documentatino they recommend using |
I suggest not accepting this PR until a few people have checked and commented. There is considerable confusion and I am not 100% certain I have this right.