specs icon indicating copy to clipboard operation
specs copied to clipboard
verified publisher icon onvif

Updated entry point for device service over Uplink

Open bsriramprasad opened this issue 1 year ago • 4 comments

Ref: https://github.com/onvif/wg_profile_cloud/issues/9

Entry point for device service needs to have HTTPS url scheme to access device over Uplink and the PR updates core spec to clarify such requirement.

Note

  • Since Core spec never refers to other service specs, Uplink spec reference is NOT included in list of references

Should we use a different term for Uplink but convey same meaning like 'access device over reverse tunnel'? Suggestions welcome.

bsriramprasad avatar Oct 08 '24 11:10 bsriramprasad

only local paths are used

Not sure if I get your comment fully, as I understand the scheme + "onvif/device_service" is what's standardized while the "onvif_host" in the entry point syntax is left to implementation? so in that sense mentioning about local paths could be hard to harmonise?

bsriramprasad avatar Oct 09 '24 07:10 bsriramprasad

only local paths are used

Not sure if I get your comment fully, as I understand the scheme + "onvif/device_service" is what's standardized while the "onvif_host" in the entry point syntax is left to implementation? so in that sense mentioning about local paths could be hard to harmonise?

I agree with @HansBusch. Since it’s HTTP/2, the full URL with http or https is not relevant. Only the path “/onvif/device_service” is important.

sujithhanwha avatar Oct 10 '24 00:10 sujithhanwha

only local paths are used

Not sure if I get your comment fully, as I understand the scheme + "onvif/device_service" is what's standardized while the "onvif_host" in the entry point syntax is left to implementation? so in that sense mentioning about local paths could be hard to harmonise?

I agree with @HansBusch. Since it’s HTTP/2, the full URL with http or https is not relevant. Only the path “/onvif/device_service” is important.

I think there is a conceptual mistake here. While it is true that with uplink we must use encryption, the URI used to connect to the cloud is not the entry point of of any service. It's just one end of a reverse proxy. Eventually the tunnel is reverted and commands are sent towards the other direction.

Therefore, for me this PR should be rejected.

ocampana-videotec avatar Oct 23 '24 19:10 ocampana-videotec

10/24 VEWG Telco

  • Agreed to remove the transport + "onvif_host" for defining onvif entry point

bsriramprasad avatar Oct 24 '24 13:10 bsriramprasad

@HansBusch You have a change requested for this PR. Is it still required?

kieran242 avatar Oct 29 '24 12:10 kieran242