One document matched: draft-petithuguenin-behave-turn-uris-00.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc compact="yes" ?>
<?rfc strict="no" ?>
<?rfc symrefs="yes" ?>
<?rfc toc="yes" ?>
<rfc category="std" docName="draft-petithuguenin-behave-turn-uris-00" ipr="noModificationTrust200902">
<front>
<title abbrev="TURN URIs">Traversal Using Relays around NAT (TURN) Uniform Resource Identifiers</title>
<author fullname="Marc Petit-Huguenin" initials="M.P.H" surname="Petit-Huguenin">
<organization>Unaffiliated</organization>
<address>
<email>petithug@acm.org</email>
</address>
</author>
<author fullname="Suhas Nandakumar" initials="S.N." surname="Nandakumar">
<organization>Cisco Systems</organization>
<address>
<postal>
<street>170 West Tasman Drive</street>
<city>San Jose</city>
<region>CA</region>
<code>95134</code>
<country>US</country>
</postal>
<email>snandaku@cisco.com</email>
</address>
</author>
<author fullname="Gonzalo Salgueiro" initials="G.S." surname="Salgueiro">
<organization>Cisco Systems</organization>
<address>
<postal>
<street>7200-12 Kit Creek Road</street>
<city>Research Triangle Park</city>
<region>NC</region>
<code>27709</code>
<country>US</country>
</postal>
<email>gsalguei@cisco.com</email>
</address>
</author>
<author fullname="Paul E. Jones" initials="P.J." surname="Jones">
<organization>Cisco Systems</organization>
<address>
<postal>
<street>7025 Kit Creek Road</street>
<city>Research Triangle Park</city>
<region>NC</region>
<code>27709</code>
<country>US</country>
</postal>
<email>paulej@packetizer.com</email>
</address>
</author>
<date day="2" month="February" year="2012"/>
<area>TSV</area>
<workgroup>BEHAVE</workgroup>
<abstract>
<t>
This document specifies the syntax of Uniform Resource Identifier (URI) schemes for the Traversal Using Relays around NAT (TURN) protocol.
It defines two URI schemes that can be used to provision the configuration values needed by the resolution mechanism defined in <xref target="RFC5928"/>.
</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>This document specifies the syntax and semantics of the Uniform Resource Identifier (URI) scheme for the Traversal Using Relays around NAT (TURN) protocol.</t>
<t>
The TURN protocol is a specification allowing hosts behind NAT to control the operation of a relay server.
The relay server allows hosts to exchange packets with its peers.
The peers themselves may also be behind NATs.
<xref target="RFC5766">RFC 5766</xref> defines the specifics of the TURN protocol.
</t>
<t>
The "turn/turns" URI scheme is used to designate a TURN server (also known as a relay) on Internet hosts accessible using the TURN protocol.
With the advent of standards such as <xref target="WEBRTC"/>, we anticipate a plethora of endpoints and web applications to be able to identify and communicate with such a TURN server to carry out the TURN protocol.
This also implies those endpoints and/or applications to be provisioned with appropriate configuration required to identify the TURN server.
Having an inconsistent syntax has its drawbacks and can result in non-interoperable solutions.
It can result in solutions that are ambiguous and have implementation limitations on the different aspects of the syntax and alike.
The "turn/turns" URI scheme helps alleviate most of these issues by providing a consistent way to describe, configure and exchange the information identifying a TURN server.
This would also prevent the shortcomings inherent with encoding similar information in non-uniform syntaxes such as the ones proposed in <xref target="WEBRTC"/>, for example.
</t>
<t>
<xref target="RFC5928"/> defines a resolution mechanism to convert a secure flag, a host name or IP address, an eventually empty port, and an eventually empty transport to a list of IP address, port, and TURN transport tuples.</t>
<t>To simplify the provisioning of TURN clients, this document defines a TURN and a TURNS URI scheme that can carry the four components needed for the resolution mechanism.</t>
<t>A <xref target="REF-IMPL">reference implementation</xref> is available.</t>
</section>
<section title="Terminology">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in <xref target="RFC2119"/>.</t>
<t>
"SHOULD", "SHOULD NOT", "RECOMMENDED", and "NOT RECOMMENDED" are appropriate when valid exceptions to a general requirement are known to exist or appear to exist, and it is infeasible or impractical to enumerate all of them.
However, they should not be interpreted as permitting implementors to fail to implement the general requirement when such failure would result in interoperability failure.
</t>
</section>
<section anchor="syntax" title="Syntax of a TURN or TURNS URI">
<section anchor="URI_Scheme_Syntax" title="URI Scheme Syntax">
<t>The "turn" URI takes the following form (the syntax below is non-normative):</t>
<t>
<list>
<t>turn:<userinfo>@<host>:<port></t>
<t>turns:<userinfo>@<host>:<port></t>
</list>
</t>
<t>Note that <userinfo> with the "@" (at) sign character, as well as the <port> part and the preceding ":" (colon) character, is OPTIONAL.</t>
<t>A TURN/TURNS URI has the following formal ABNF syntax <xref target="RFC5234"/>:</t>
<figure>
<artwork type="abnf"><![CDATA[
turnURI = scheme ":" [ userinfo "@" ] turn-host
[ ":" turn-port ] [ "?transport=" transport ]
scheme = "turn" / "turns"
userinfo = user [ ":" password ]
user = 1*(%x21-24 / %x26-39 / %x3B-3F / %x41-7F
/ escaped)
; The symbols "%", ":", "@", and symbols
; with a character value below 0x21 may
; be represented as escaped sequences.
password = 1*(%x21-24 / %x26-3F / %x41-7F / escaped)
; The symbols "%", "@", and symbols with
; a character value below 0x21 may be
; represented as escaped sequences.
transport = "udp" / "tcp" / transport-ext
transport-ext = 1*unreserved
turn-host = IP-literal / IPv4address / reg-name
turn-port = *DIGIT
IP-literal = "[" ( IPv6address / IPvFuture ) "]"
IPvFuture = "v" 1*HEXDIG "." 1*( unreserved / sub-delims / ":" )
IPv6address = 6( h16 ":" ) ls32
/ "::" 5( h16 ":" ) ls32
/ [ h16 ] "::" 4( h16 ":" ) ls32
/ [ *1( h16 ":" ) h16 ] "::" 3( h16 ":" ) ls32
/ [ *2( h16 ":" ) h16 ] "::" 2( h16 ":" ) ls32
/ [ *3( h16 ":" ) h16 ] "::" h16 ":" ls32
/ [ *4( h16 ":" ) h16 ] "::" ls32
/ [ *5( h16 ":" ) h16 ] "::" h16
/ [ *6( h16 ":" ) h16 ] "::"
h16 = 1*4HEXDIG
ls32 = ( h16 ":" h16 ) / IPv4address
IPv4address = dec-octet "." dec-octet "." dec-octet "." dec-octet
dec-octet = DIGIT ; 0-9
/ %x31-39 DIGIT ; 10-99
/ "1" 2DIGIT ; 100-199
/ "2" %x30-34 DIGIT ; 200-249
/ "25" %x30-35 ; 250-255
reg-name = *( unreserved / pct-encoded / sub-delims )
escaped = "%" HEXDIG HEXDIG
]]></artwork>
</figure>
<t><unreserved>, <sub-delims>, and <pct-encoded> are specified in <xref target="RFC3986"/>.</t>
<t>
The <host>, <port> and <transport> components are passed without modification to the <xref target="RFC5928"/> algorithm.
<secure> is set to false if <scheme> is equal to "turn" and set to true if <scheme> is equal to "turns" and passed to the <xref target="RFC5928"/> algorithm with the other components.
The core rules <ALPHA>, <DIGIT> and <HEXDIGIT> are used as described in Appendix B of RFC 5234 <xref target="RFC5234"/>.
</t>
<t>The eventual <user> and <password> components are used as input for the <xref target="RFC5766">TURN</xref> protocol itself.</t>
</section>
<section anchor="URI_Scheme_Semantics" title="URI Scheme Semantics">
<t>
The TURN protocol supports sending messages over UDP, TCP or TLS-over-TCP.
The "turns" URI scheme SHALL be used when TURN is run over TLS-over-TCP (or in the future DTLS-over-UDP) and the "turn" scheme SHALL be used otherwise.
</t>
<t>The required <host> part of the "turn" URI denotes the TURN server host.</t>
<t>The <userinfo> part identifies the credentials required for the long-term credential mechanism as described in the section 10.2 of RFC 5389 <xref target="RFC5389"/>.</t>
<t>
The <port> part, if present, denotes the port on which the TURN server is awaiting connection requests.
If it is absent, the default port SHALL be 3478 for both UDP and TCP.
The default port for TURN over TLS SHALL be 5349.
</t>
<t>
The <userinfo> part specifies the username and password.
Both the <user> and <password> values are UTF-8 encoded and escaped as per section 2.5 of <xref target="RFC3986">RFC 3986</xref>.
</t>
</section>
</section>
<section anchor="security" title="Security Considerations">
<t>Security considerations for the resolution mechanism are discussed in <xref target="RFC5928"/>.</t>
<t>As described in Section 3.2.1 of <xref target="RFC3986">STD 66</xref>, having authentication information (specifically passwords) in a URI means that the URI must be handled carefully:
</t>
<t>
<list style="hanging">
<t>The passing of authentication information in clear text has proven to be a security risk in almost every case where it has been used.</t>
</list>
</t>
<t>
Section 3.2.1 contains advice on handling URI that contain passwords in the userinfo portion.
Implementations of this specification MUST implement that advice.
</t>
<t>
Specifically if a URI that contains credentials leaks, then it would allow an attacker to use the TURN server which is referenced by the URI.
Such an attack has two major impacts.
First, it uses up the operator's bandwidth.
Second, if the operator bills the user for TURN server usage, then it may expose the user to costs incurred by the attacker.
However, the attacker never obtains the user's private information, nor does this attack allow for traffic amplification.
</t>
<t>
The expected use environment mitigates to some degree concerns about TURN URIs compared to other URIs, such as HTTPS.
First, users do not dereference TURN URIs directly.
Instead, they are passed to the TURN stack.
Thus, concerns about confusion or leakage due to the URI being displayed to the user are significantly reduced; indeed the URI need never be available to the user at all.
</t>
<t>
One of the primary use cases for a TURN URI with credentials is WebRTC.
In this case, a web server will be offering a calling service and may have an associated TURN server it can use.
In this case, the browser will need to use the TURN server and the browser has no long term or preexisting relationship with the TURN server.
The web server needs to provide some credential to the client which it can use to access the TURN server.
Since TURN authentication is via username and password, this implies that the credential is a username/password pair.
While this must be transmitted securely (i.e., over HTTPS), the security properties are the same whether the password is carried separately or is part of the URL.
Moreover, because the web server and TURN servers can cooperate, a new password can be issued for every call, making short-term credentials feasible and thus significantly mitigating the risk.
</t>
<t>
If a TURN URI is transferred between hosts, it MUST be done over a protocol that provides confidentiality such as HTTPS [RFC2818].
It is RECOMMENDED that the credential only be valid for a single call and preferably for no more than one day.
That "preferably" is bad.
</t>
</section>
<section title="IANA Considerations">
<t>This section contains the registration information for the "turn" and "turns" URI Schemes (in accordance with <xref target="RFC4395"/>).</t>
<section title="TURN URI Registration">
<t>URI scheme name: turn</t>
<t>Status: permanent</t>
<t>URI scheme syntax: See <xref target="syntax"/>.</t>
<t>URI scheme semantics: See <xref target="RFC5928"/>.</t>
<t>Encoding considerations: There are no encoding considerations beyond those in <xref target="RFC3986"/>.</t>
<t>Applications/protocols that use this URI scheme name:</t>
<t>
<list>
<t>The "turn" URI scheme is intended to be used by applications that might need access to a TURN server.</t>
</list>
</t>
<t>Interoperability considerations: N/A</t>
<t>Security considerations: See <xref target="security"/>.</t>
<t>Contact: Marc Petit-Huguenin <petithug@acm.org></t>
<t>Author/Change controller: The IESG</t>
<t>References: RFC&rfc.number;</t>
<t>[[NOTE TO RFC EDITOR: Please change &rfc.number; to the number assigned to this specification, and remove this paragraph on publication.]]</t>
</section>
<section title="TURNS URI Registration">
<t>URI scheme name: turns</t>
<t>Status: permanent</t>
<t>URI scheme syntax: See <xref target="syntax"/>.</t>
<t>URI scheme semantics: See <xref target="RFC5928"/>.</t>
<t>Encoding considerations: There are no encoding considerations beyond those in <xref target="RFC3986"/>.</t>
<t>Applications/protocols that use this URI scheme name:</t>
<t>
<list>
<t>The "turns" URI scheme is intended to be used by applications that might need access to a TURN server over a secure connection.</t>
</list>
</t>
<t>Interoperability considerations: N/A</t>
<t>Security considerations: See <xref target="security"/>.</t>
<t>Contact: Marc Petit-Huguenin <petithug@acm.org></t>
<t>Author/Change controller: The IESG</t>
<t>References: RFC&rfc.number;</t>
<t>[[NOTE TO RFC EDITOR: Please change &rfc.number; to the number assigned to this specification, and remove this paragraph on publication.]]</t>
</section>
</section>
<section title="Acknowledgements">
<t>Thanks to Margaret Wasserman, Magnus Westerlund, Juergen Schoenwaelder, Sean Turner, Ted Hardie, Dave Thaler, Alfred E. Heggestad, Eilon Yardeni, Dan Wing, Alfred Hoenes, and Jim Kleck for their comments, suggestions and questions that helped to improve the draft-petithuguenin-behave-turn-uri-bis document.</t>
<t>Many thanks to Cullen Jennings for his detailed review and thoughtful comments on the draft-nandakumar-rtcweb-turn-uri document.</t>
<t>The <turn-port> and <turn-host> ABNF productions have been copied from the <port> and <host> ABNF productions from <xref target="RFC3986"/>.</t>
<t>This document was written with the xml2rfc tool described in <xref target="RFC2629"/>.</t>
</section>
</middle>
<back>
<references title="Normative References">
<reference anchor="RFC2119">
<front>
<title abbrev="RFC Key Words">Key words for use in RFCs to Indicate Requirement Levels</title>
<author fullname="Scott Bradner" initials="S." surname="Bradner">
<organization>Harvard University</organization>
<address>
<postal>
<street>1350 Mass. Ave.</street>
<street>Cambridge</street>
<street>MA 02138</street>
</postal>
<phone>- +1 617 495 3864</phone>
<email>sob@harvard.edu</email>
</address>
</author>
<date month="March" year="1997"/>
<area>General</area>
<keyword>keyword</keyword>
<abstract>
<t>
In many standards track documents several words are used to signify
the requirements in the specification. These words are often
capitalized. This document defines these words as they should be
interpreted in IETF documents. Authors who follow these guidelines
should incorporate this phrase near the beginning of their document:
<list>
<t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
RFC 2119.
</t>
</list>
</t>
<t>
Note that the force of these words is modified by the requirement
level of the document in which they are used.
</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<format octets="4723" target="http://www.rfc-editor.org/rfc/rfc2119.txt" type="TXT"/>
<format octets="17491" target="http://xml.resource.org/public/rfc/html/rfc2119.html" type="HTML"/>
<format octets="5777" target="http://xml.resource.org/public/rfc/xml/rfc2119.xml" type="XML"/>
</reference>
<reference anchor="RFC3986">
<front>
<title abbrev="URI Generic Syntax">Uniform Resource Identifier (URI): Generic Syntax</title>
<author fullname="Tim Berners-Lee" initials="T." surname="Berners-Lee">
<organization abbrev="W3C/MIT">World Wide Web Consortium</organization>
<address>
<postal>
<street>Massachusetts Institute of Technology</street>
<street>77 Massachusetts Avenue</street>
<city>Cambridge</city>
<region>MA</region>
<code>02139</code>
<country>USA</country>
</postal>
<phone>+1-617-253-5702</phone>
<facsimile>+1-617-258-5999</facsimile>
<email>timbl@w3.org</email>
<uri>http://www.w3.org/People/Berners-Lee/</uri>
</address>
</author>
<author fullname="Roy T. Fielding" initials="R." surname="Fielding">
<organization abbrev="Day Software">Day Software</organization>
<address>
<postal>
<street>5251 California Ave., Suite 110</street>
<city>Irvine</city>
<region>CA</region>
<code>92617</code>
<country>USA</country>
</postal>
<phone>+1-949-679-2960</phone>
<facsimile>+1-949-679-2972</facsimile>
<email>fielding@gbiv.com</email>
<uri>http://roy.gbiv.com/</uri>
</address>
</author>
<author fullname="Larry Masinter" initials="L." surname="Masinter">
<organization abbrev="Adobe Systems">Adobe Systems Incorporated</organization>
<address>
<postal>
<street>345 Park Ave</street>
<city>San Jose</city>
<region>CA</region>
<code>95110</code>
<country>USA</country>
</postal>
<phone>+1-408-536-3024</phone>
<email>LMM@acm.org</email>
<uri>http://larry.masinter.net/</uri>
</address>
</author>
<date month="January" year="2005"/>
<area>Applications</area>
<keyword>uniform resource identifier</keyword>
<keyword>URI</keyword>
<keyword>URL</keyword>
<keyword>URN</keyword>
<keyword>WWW</keyword>
<keyword>resource</keyword>
<abstract>
<t>
A Uniform Resource Identifier (URI) is a compact sequence of characters
that identifies an abstract or physical resource. This specification
defines the generic URI syntax and a process for resolving URI references
that might be in relative form, along with guidelines and security
considerations for the use of URIs on the Internet.
The URI syntax defines a grammar that is a superset of all valid URIs,
allowing an implementation to parse the common components of a URI
reference without knowing the scheme-specific requirements of every
possible identifier. This specification does not define a generative
grammar for URIs; that task is performed by the individual
specifications of each URI scheme.
</t>
</abstract>
</front>
<seriesInfo name="STD" value="66"/>
<seriesInfo name="RFC" value="3986"/>
<format octets="141811" target="http://www.rfc-editor.org/rfc/rfc3986.txt" type="TXT"/>
<format octets="213584" target="http://xml.resource.org/public/rfc/html/rfc3986.html" type="HTML"/>
<format octets="163534" target="http://xml.resource.org/public/rfc/xml/rfc3986.xml" type="XML"/>
</reference>
<reference anchor="RFC5234">
<front>
<title>Augmented BNF for Syntax Specifications: ABNF</title>
<author fullname="D. Crocker" initials="D." surname="Crocker">
<organization/>
</author>
<author fullname="P. Overell" initials="P." surname="Overell">
<organization/>
</author>
<date month="January" year="2008"/>
<abstract>
<t>Internet technical specifications often need to define a formal syntax. Over the years, a modified version of Backus-Naur Form (BNF), called Augmented BNF (ABNF), has been popular among many Internet specifications. The current specification documents ABNF. It balances compactness and simplicity with reasonable representational power. The differences between standard BNF and ABNF involve naming rules, repetition, alternatives, order-independence, and value ranges. This specification also supplies additional rule definitions and encoding for a core lexical analyzer of the type common to several Internet specifications. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="STD" value="68"/>
<seriesInfo name="RFC" value="5234"/>
<format octets="26359" target="http://www.rfc-editor.org/rfc/rfc5234.txt" type="TXT"/>
</reference>
<reference anchor="RFC5766">
<front>
<title>Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)</title>
<author fullname="R. Mahy" initials="R." surname="Mahy">
<organization/>
</author>
<author fullname="P. Matthews" initials="P." surname="Matthews">
<organization/>
</author>
<author fullname="J. Rosenberg" initials="J." surname="Rosenberg">
<organization/>
</author>
<date month="April" year="2010"/>
<abstract>
<t>If a host is located behind a NAT, then in certain situations it can be impossible for that host to communicate directly with other hosts (peers). In these situations, it is necessary for the host to use the services of an intermediate node that acts as a communication relay. This specification defines a protocol, called TURN (Traversal Using Relays around NAT), that allows the host to control the operation of the relay and to exchange packets with its peers using the relay. TURN differs from some other relay control protocols in that it allows a client to communicate with multiple peers using a single relay address. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5766"/>
<format octets="172112" target="http://www.rfc-editor.org/rfc/rfc5766.txt" type="TXT"/>
</reference>
<reference anchor="RFC5928">
<front>
<title>Traversal Using Relays around NAT (TURN) Resolution Mechanism</title>
<author fullname="M. Petit-Huguenin" initials="M." surname="Petit-Huguenin">
<organization/>
</author>
<date month="August" year="2010"/>
<abstract>
<t>This document defines a resolution mechanism to generate a list of server transport addresses that can be tried to create a Traversal Using Relays around NAT (TURN) allocation. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5928"/>
<format octets="23993" target="http://www.rfc-editor.org/rfc/rfc5928.txt" type="TXT"/>
</reference>
</references>
<references title="Informative References">
<reference anchor="RFC2629">
<front>
<title>Writing I-Ds and RFCs using XML</title>
<author fullname="Marshall T. Rose" initials="M.T." surname="Rose">
<organization>Invisible Worlds, Inc.</organization>
<address>
<postal>
<street>660 York Street</street>
<city>San Francisco</city>
<region>CA</region>
<code>94110</code>
<country>US</country>
</postal>
<phone>+1 415 695 3975</phone>
<email>mrose@not.invisible.net</email>
<uri>http://invisible.net/</uri>
</address>
</author>
<date month="June" year="1999"/>
<area>General</area>
<keyword>RFC</keyword>
<keyword>Request for Comments</keyword>
<keyword>I-D</keyword>
<keyword>Internet-Draft</keyword>
<keyword>XML</keyword>
<keyword>Extensible Markup Language</keyword>
<abstract>
<t>This memo presents a technique for using XML
(Extensible Markup Language)
as a source format for documents in the Internet-Drafts (I-Ds) and
Request for Comments (RFC) series.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="2629"/>
<format octets="48677" target="http://www.rfc-editor.org/rfc/rfc2629.txt" type="TXT"/>
<format octets="71741" target="http://xml.resource.org/public/rfc/html/rfc2629.html" type="HTML"/>
<format octets="53481" target="http://xml.resource.org/public/rfc/xml/rfc2629.xml" type="XML"/>
</reference>
<reference anchor="RFC4395">
<front>
<title>Guidelines and Registration Procedures for New URI Schemes</title>
<author fullname="T. Hansen" initials="T." surname="Hansen">
<organization/>
</author>
<author fullname="T. Hardie" initials="T." surname="Hardie">
<organization/>
</author>
<author fullname="L. Masinter" initials="L." surname="Masinter">
<organization/>
</author>
<date month="February" year="2006"/>
<abstract>
<t>This document provides guidelines and recommendations for the definition of Uniform Resource Identifier (URI) schemes. It also updates the process and IANA registry for URI schemes. It obsoletes both RFC 2717 and RFC 2718. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="35"/>
<seriesInfo name="RFC" value="4395"/>
<format octets="31933" target="http://www.rfc-editor.org/rfc/rfc4395.txt" type="TXT"/>
</reference>
<reference anchor="RFC5389">
<front>
<title>Session Traversal Utilities for NAT (STUN)</title>
<author fullname="J. Rosenberg" initials="J." surname="Rosenberg">
<organization/>
</author>
<author fullname="R. Mahy" initials="R." surname="Mahy">
<organization/>
</author>
<author fullname="P. Matthews" initials="P." surname="Matthews">
<organization/>
</author>
<author fullname="D. Wing" initials="D." surname="Wing">
<organization/>
</author>
<date month="October" year="2008"/>
<abstract>
<t>Session Traversal Utilities for NAT (STUN) is a protocol that serves as a tool for other protocols in dealing with Network Address Translator (NAT) traversal. It can be used by an endpoint to determine the IP address and port allocated to it by a NAT. It can also be used to check connectivity between two endpoints, and as a keep-alive protocol to maintain NAT bindings. STUN works with many existing NATs, and does not require any special behavior from them.</t><t> STUN is not a NAT traversal solution by itself. Rather, it is a tool to be used in the context of a NAT traversal solution. This is an important change from the previous version of this specification (RFC 3489), which presented STUN as a complete solution.</t><t> This document obsoletes RFC 3489. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5389"/>
<format octets="125650" target="http://www.rfc-editor.org/rfc/rfc5389.txt" type="TXT"/>
</reference>
<reference anchor="RFC5769">
<front>
<title>Test Vectors for Session Traversal Utilities for NAT (STUN)</title>
<author fullname="R. Denis-Courmont" initials="R." surname="Denis-Courmont">
<organization/>
</author>
<date month="April" year="2010"/>
<abstract>
<t>The Session Traversal Utilities for NAT (STUN) protocol defines several STUN attributes. The content of some of these -- FINGERPRINT, MESSAGE-INTEGRITY, and XOR-MAPPED-ADDRESS -- involve binary-logical operations (hashing, xor). This document provides test vectors for those attributes. This document is not an Internet Standards Track specification; it is published for informational purposes.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5769"/>
<format octets="15407" target="http://www.rfc-editor.org/rfc/rfc5769.txt" type="TXT"/>
</reference>
<reference anchor="WEBRTC">
<front>
<title>WebRTC 1.0: Real-time Communication Between Browsers</title>
<author fullname="W3C" initials="" surname="W3C">
<organization/>
</author>
</front>
<annotation>
<eref target="http://dev.w3.org/2011/webrtc/editor/webrtc.html"/>.</annotation>
</reference>
<reference anchor="REF-IMPL">
<front>
<title>Reference Implementation of TURN resolver and TURN URI parser</title>
<author fullname="Marc Petit-Huguenin" initials="MPH" surname="Petit-Huguenin">
<organization/>
</author>
</front>
<annotation>
<eref target="http://debian.implementers.org/stable/source/turnuri.tar.gz"/>.</annotation>
</reference>
</references>
<section title="Examples">
<t>
<xref target="examples1"/> shows how the <secure>, <port> and <transport> components are populated from various URIs.
For all these examples, the <host> component is populated with "example.org".
</t>
<texttable anchor="examples1">
<ttcol>URI</ttcol>
<ttcol><secure></ttcol>
<ttcol><port></ttcol>
<ttcol><transport></ttcol>
<c>turn:example.org</c> <c>false</c> <c/> <c/>
<c>turn:user:pwd@example.org</c> <c>false</c> <c/> <c/>
<c>turns:example.org</c> <c>true</c> <c/> <c/>
<c>turns:user:pwd@example.org</c> <c>true</c> <c/> <c/>
<c>turn:example.org:8000</c> <c>false</c> <c>8000</c> <c/>
<c>turn:example.org?transport=udp</c> <c>false</c> <c/> <c>UDP</c>
<c>turn:example.org?transport=tcp</c> <c>false</c> <c/> <c>TCP</c>
<c>turns:example.org?transport=tcp</c> <c>true</c> <c/> <c>TLS</c>
</texttable>
<t>
<xref target="examples2"/> shows how the <username>, <password> and <host> components are populated from various URIs.
For all the examples, the secure component is populated with false and the port and transport components are empty.
</t>
<texttable anchor="examples2">
<ttcol>URI</ttcol>
<ttcol><username></ttcol>
<ttcol><password></ttcol>
<ttcol><host></ttcol>
<c>turn:example.org</c>
<c/>
<c/>
<c>example.org</c>
<c>turn:192.0.2.1</c>
<c/>
<c/>
<c>192.0.2.1</c>
<c>turn:[2001:DB8::1]</c>
<c/>
<c/>
<c>2001:DB8::1</c>
<c>turn:user@example.org</c>
<c>user</c>
<c/>
<c>example.org</c>
<c>turn:user:pwd@example.org</c>
<c>user</c>
<c>pwd</c>
<c>example.org</c>
</texttable>
<t>The following example produces the username and password used as example in section 2.4 of <xref target="RFC5769"/>:</t>
<t>turn:%E3%83%9E%E3%83%88%E3%83%AA%E3%83%83%E3%82%AF%E3%82%B9:The%C2%ADM%C2%AAtr%E2%85%A8@example.org</t>
</section>
<section title="Release notes">
<t>This section must be removed before publication as an RFC.</t>
<section title="Merge of draft-nandakumar-rtcweb-turn-uri-00 and draft-petithuguenin-behave-turn-uri-bis-05">
<t>
<list style="symbols">
<t>Changed author list.</t>
<t>Draft is now standard track.</t>
<t>Merged abstract, introduction, acknowledgement and security sections.</t>
<t>Added two introductory paragraphs to the beginning iof the introduction.</t>
<t>Took Section 3 and divided it into Section 3.1 URI Scheme Syntax and Section 3.2 URI Scheme Semantics.</t>
<t>Explained that most components are passed as is to RFC 5928.</t>
<t>Added username and password in ABNF.</t>
<t>Added RFC 5389 as reference.</t>
<t>Added examples.</t>
<t>Updated design notes.</t>
<t>Various minor nits and grammatical issues fixed.</t>
</list>
</t>
</section>
<section title="Modifications between petithuguenin-05 and petithuguenin-04">
<t>
<list style="symbols">
<t>Nits.</t>
<t>Fixed schemes registration.</t>
</list>
</t>
</section>
<section title="Modifications between petithuguenin-04 and petithuguenin-03">
<t>
<list style="symbols">
<t>Fixed references code link.</t>
</list>
</t>
</section>
<section title="Modifications between petithuguenin-03 and petithuguenin-02">
<t>
<list style="symbols">
<t>Updated RFC references.</t>
</list>
</t>
</section>
<section title="Modifications between petithuguenin-02 and petithuguenin-01">
<t>
<list style="symbols">
<t>Nits.</t>
</list>
</t>
</section>
<section title="Modifications between petithuguenin-01 and petithuguenin-00">
<t>
<list style="symbols">
<t>Shorten I-D references.</t>
</list>
</t>
</section>
<section title="Design Notes">
<t>
<list style="symbols">
<t>As discussed in Dublin, there is no generic parameters in the URI to prevent compatibity issues.</t>
</list>
</t>
</section>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 01:56:15 |