Skip to content

Commit

Permalink
Merge pull request #327 from onvif/development
Browse files Browse the repository at this point in the history 
23.06 Release
  • Loading branch information
@HansBusch
HansBusch authored Jul 3, 2023
2 parents 9fec77a + af63a32 commit 464b988
Show file tree
Hide file tree
Showing 21 changed files with 3,021 additions and 297 deletions.
369 changes: 344 additions & 25 deletions doc/Analytics.xml
100755 → 100644
View file

Large diffs are not rendered by default.

163 changes: 113 additions & 50 deletions doc/Core.xml
View file

Large diffs are not rendered by default.

78 changes: 54 additions & 24 deletions doc/Media2.xml
View file

Large diffs are not rendered by default.

15 changes: 12 additions & 3 deletions doc/PTZ.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,19 @@
<info>
<title>PTZ Service Specification</title>
<titleabbrev>Ptz</titleabbrev>
<releaseinfo>20.12</releaseinfo>
<releaseinfo>23.06</releaseinfo>
<author>
<orgname>ONVIF™</orgname>
<uri>www.onvif.org</uri>
</author>
<pubdate>December, 2020</pubdate>
<pubdate>June, 2023</pubdate>
<mediaobject>
<imageobject>
<imagedata fileref="media/logo.png" contentwidth="60mm" />
</imageobject>
</mediaobject>
<copyright>
<year>2008-2020</year>
<year>2008-2023</year>
<holder>ONVIF™ All rights reserved.</holder>
</copyright>
<legalnotice>
Expand Down Expand Up @@ -155,6 +155,14 @@ Add GeoMove</revremark>
</author>
<revremark>Add MoveAndStartTracking</revremark>
</revision>
<revision>
<revnumber>23.06</revnumber>
<date>Jun-2023</date>
<author>
<personname>Michael Adam</personname>
</author>
<revremark>Add clarification to PTZ spec regarding dynamic space ranges.</revremark>
</revision>
</revhistory>
</info>
<chapter>
Expand Down Expand Up @@ -1373,6 +1381,7 @@ Add GeoMove</revremark>
<section>
<title>Absolute position spaces</title>
<para>The absolute position spaces are used when the client wants to move the camera to a certain position. The absolute movement from current position A to an arbitrarily chosen position B doesn’t have to follow a specific path. Instead, the PTZ device may choose the shortest path in order to reach the target destination.</para>
<para>For devices with dynamic ranges of values (for example, enabling or disabling a "digital zoom" feature will change the total zoom range), it is expected that the generic spaces will be remapped at runtime to match the full range of values.</para>
<section>
<title>Generic pan/tilt position space</title>
<para>The generic pan/tilt position space shall be provided by every PTZ node that supports absolute pan/tilt, since it does not relate to a specific physical range. Instead, the range should be defined as the full range of the PTZ unit normalized to the range -1 to 1 resulting in the following space description:</para>
Expand Down
645 changes: 617 additions & 28 deletions doc/RecordingControl.xml
View file

Large diffs are not rendered by default.

57 changes: 39 additions & 18 deletions doc/Security.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,19 @@
<info>
<title>Advanced Security Service Specification</title>
<titleabbrev>Security Configuration</titleabbrev>
<releaseinfo>22.12</releaseinfo>
<releaseinfo>23.06</releaseinfo>
<author>
<orgname>ONVIF™</orgname>
<uri>www.onvif.org</uri>
</author>
<pubdate>Dec 2022</pubdate>
<pubdate>June 2023</pubdate>
<mediaobject>
<imageobject>
<imagedata fileref="media/logo.png" contentwidth="60mm"/>
</imageobject>
</mediaobject>
<copyright>
<year>2008-2022</year>
<year>2008-2023</year>
<holder>ONVIF™ All rights reserved.</holder>
</copyright>
<legalnotice>
Expand Down Expand Up @@ -135,6 +135,14 @@ Added certificate-based client authentication</revremark>
</author>
<revremark>Do not require to support multiple identical pathes. Remove CRL requirement on client authentication.</revremark>
</revision>
<revision>
<revnumber>23.06</revnumber>
<date>June-2023</date>
<author>
<personname>Hans Busch</personname>
</author>
<revremark>Remove requirement on passphrase support.</revremark>
</revision>
</revhistory>
</info>
<chapter>
Expand Down Expand Up @@ -2422,7 +2430,9 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>request</term>
<listitem>
<para role="param">CertificationPathID - [tas:CertificationPathID] The ID of the certification path to assign to the TLS server.</para>
<para role="param">CertificationPathID - [tas:CertificationPathID] </para>
<para role="text">The ID of the certification path to assign to the TLS
server.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2434,9 +2444,12 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>faults</term>
<listitem>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertificationPathID No certification path is stored in the keystore under the given certification path ID.</para>
<para role="param">env:Sender - ter:InvalidArgVal - ter:NoPrivateKey The key pair that is associated with the first certificate in the certificate chain does not have an associated private key.</para>
<para role="param">env: Receiver - ter: Action - ter:MaximumNumberOfTLSCertificationPathsReached The maximum number of certification paths that may be assigned to the TLS server simultaneously is reached.</para>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertificationPathID </para>
<para role="text">No certification path is stored in the keystore under the given certification path ID.</para>
<para role="param">env:Sender - ter:InvalidArgVal - ter:NoPrivateKey </para>
<para role="text">The key pair that is associated with the first certificate in the certificate chain does not have an associated private key.</para>
<para role="param">env: Receiver - ter: Action - ter:MaximumNumberOfTLSCertificationPathsReached </para>
<para role="text">The maximum number of certification paths that may be assigned to the TLS server simultaneously is reached.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand Down Expand Up @@ -2633,7 +2646,8 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>request</term>
<listitem>
<para role="param">cnMapsToUser - [xs:boolean] A request for the device to enable or disable Common Name Mapping to User.</para>
<para role="param">cnMapsToUser - [xs:boolean]</para>
<para role="text">A request for the device to enable or disable Common Name Mapping to User.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2645,7 +2659,8 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>faults</term>
<listitem>
<para role="param">env:Receiver - ter:ActionNotSupported - ter:CnMapsToUserFailed The device does not support TLS client authentication, or TLS client authentication is not configured appropriately.</para>
<para role="param">env:Receiver - ter:ActionNotSupported - ter:CnMapsToUserFailed </para>
<para role="text">The device does not support TLS client authentication, or TLS client authentication is not configured appropriately.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2663,13 +2678,14 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>request</term>
<listitem>
<para role="param">This message is empty.</para>
<para role="text">This message is empty.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>response</term>
<listitem>
<para role="text">cnMapsToUser - [xs:boolean] Whether cnMapsToUser is enabled.</para>
<para role="param">cnMapsToUser - [xs:boolean] </para>
<para role="text">Whether cnMapsToUser is enabled.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2695,7 +2711,9 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>request</term>
<listitem>
<para role="param">CertPathValidationPolicyID - [tas:CertPathValidationPolicyID] The ID of the certification path validation policy to assign to the TLS server.</para>
<para role="param">CertPathValidationPolicyID - [tas:CertPathValidationPolicyID] </para>
<para role="text">The ID of the certification path validation policy to assign to
the TLS server.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2707,8 +2725,11 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>faults</term>
<listitem>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertPathValidationPolicyID No certification path validation policy is stored under the requested CertPathValidationPolicyID.</para>
<para role="param">env:Receiver - ter:Action - ter:MaximumNumberOfTLSCertPathValidationPoliciesReached The maximum number of certification path validation policies that may be assigned to the TLS server simultaneously is reached.</para>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertPathValidationPolicyID </para>
<para role="text">No certification path validation policy is stored under the
requested CertPathValidationPolicyID.</para>
<para role="param">env:Receiver - ter:Action - ter:MaximumNumberOfTLSCertPathValidationPoliciesReached </para>
<para role="text">The maximum number of certification path validation policies that may be assigned to the TLS server simultaneously is reached.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2727,7 +2748,8 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>request</term>
<listitem>
<para role="param">CertPathValidationPolicyID - [tas:CertPathValidationPolicyID] The ID of the certification path validation policy to remove from the TLS server.</para>
<para role="param">CertPathValidationPolicyID - [tas:CertPathValidationPolicyID] </para>
<para role="text">The ID of the certification path validation policy to remove from the TLS server.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand All @@ -2739,7 +2761,8 @@ Added certificate-based client authentication</revremark>
<varlistentry>
<term>faults</term>
<listitem>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertPathValidationPolicyID No certification path validation policy is stored under the requested CertPathValidationPolicyID.</para>
<para role="param">env:Sender - ter:InvalidArgVal - ter:CertPathValidationPolicyID </para>
<para role="text">No certification path validation policy is stored under the requested CertPathValidationPolicyID.</para>
</listitem>
</varlistentry>
<varlistentry>
Expand Down Expand Up @@ -3568,7 +3591,6 @@ Added certificate-based client authentication</revremark>
<para>UploadKeyPairInPKCS8</para>
</listitem>
</itemizedlist>
<para>If true, MaximumNumberOfPassphrases &gt;0 shall hold.</para>
<para>If true, MaximumNumberOfKeys &gt; 0 shall hold.</para>
<para>If true, the list of supported RSA key lengths as indicated by the RSAKeyLenghts capability shall not be empty.</para>
<para>If true, the list of supported password-based encryption algorithms as indicated by the PasswordBasedEncryptionAlgorithms capability shall contain at least the algorithm <phrase>pbeWithSHAAnd3-KeyTripleDES-CBC</phrase>.</para>
Expand Down Expand Up @@ -3603,7 +3625,6 @@ Added certificate-based client authentication</revremark>
<para>DeleteCertificationPath</para>
</listitem>
</itemizedlist>
<para>If true, MaximumNumberOfPassphrases &gt;0 shall hold.</para>
<para>If true, MaximumNumberOfKeys &gt;=2 shall hold.</para>
<para>If true, MaximumNumberOfCertificates &gt;=2 shall hold.</para>
<para>If true, MaximumNumberOfCertificattionPaths &gt;0 shall hold.</para>
Expand Down
31 changes: 20 additions & 11 deletions doc/Streaming.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,19 @@
<info>
<title>Streaming Specification</title>
<titleabbrev>Streaming</titleabbrev>
<releaseinfo>22.12</releaseinfo>
<releaseinfo>23.06</releaseinfo>
<author>
<orgname>ONVIF™</orgname>
<uri>www.onvif.org</uri>
</author>
<pubdate>December, 2022</pubdate>
<pubdate>June, 2023</pubdate>
<mediaobject>
<imageobject>
<imagedata fileref="media/logo.png" contentwidth="60mm"/>
</imageobject>
</mediaobject>
<copyright>
<year>2008-2022</year>
<year>2008-2023</year>
<holder>ONVIF™ All rights reserved.</holder>
</copyright>
<legalnotice>
Expand Down Expand Up @@ -201,6 +201,14 @@
</author>
<revremark>Add secure RTSPS streaming.</revremark>
</revision>
<revision>
<revnumber>23.06</revnumber>
<date>Jun-2023</date>
<author>
<personname>Hans Busch</personname>
</author>
<revremark>Update description and figure to remove emphasis on SET_PARAMETER.</revremark>
</revision>
</revhistory>
</info>
<chapter>
Expand Down Expand Up @@ -1146,19 +1154,20 @@
<listitem><para>In all RTSP SETUP responses, a server should include the Timeout value according to [RFC 2326]
Section 12.37.</para></listitem>
<listitem><para>A server shall interpret any RTSP request other than TEARDOWN as a keep-alive.</para></listitem>
<listitem><para>Clients should use SET_PARAMETER as keep-alive method for the RTSP session.</para></listitem>
<listitem><para>A server shall interpret any RTCP receiver report for a unicast stream as keep-alive for the
RTSP session.</para></listitem>
<listitem><para>If an RTSP session times out, a server should close related RTP streams as long as they are
not shared with other active RTSP sessions.</para></listitem>
</itemizedlist>
<para>Note: for timeout handling see also the following sections of RFC 7826:</para>
<itemizedlist>
<listitem><para>Section 10.5. Showing Liveness</para></listitem>
<listitem><para>Annex C.1.6.2. RTSP Session Keep-Alive</para></listitem>
</itemizedlist>
<figure>
<title>Keep Alive</title>
<para>Note: for timeout handling see also the following sections of RFC 7826:</para>
<itemizedlist>
<listitem><para>Section 10.5. Showing Liveness</para></listitem>
<listitem><para>Annex C.1.6.2. RTSP Session Keep-Alive</para></listitem>
</itemizedlist>
<para><xref linkend="keepAlive"/> depicts the timing requirement for a client to signal being alive. For improved server performance a client should send RTCP receiver reports which in turn do not require to send additional
RTSP commands for keeping the session alive.</para>
<figure xml:id="keepAlive">
<title>Keep Alive</title>
<mediaobject>
<imageobject>
<imagedata fileref="media/Streaming/image5.svg" contentwidth="152.4mm" />
Expand Down
34 changes: 31 additions & 3 deletions doc/Uplink.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,19 @@
<info>
<title>Uplink Specification</title>
<titleabbrev>Uplink</titleabbrev>
<releaseinfo>22.06</releaseinfo>
<releaseinfo>23.06</releaseinfo>
<author>
<orgname>ONVIF™</orgname>
<uri>www.onvif.org</uri>
</author>
<pubdate> June, 2022</pubdate>
<pubdate> June, 2023</pubdate>
<mediaobject>
<imageobject>
<imagedata fileref="media/logo.png" contentwidth="60mm" />
</imageobject>
</mediaobject>
<copyright>
<year>2008-2020</year>
<year>2008-2023</year>
<holder>ONVIF™ All rights reserved.</holder>
</copyright>
<legalnotice>
Expand All @@ -41,6 +41,14 @@
</author>
<revremark>Add section on media streaming</revremark>
</revision>
<revision>
<revnumber>23.06</revnumber>
<date>June 2023</date>
<author>
<personname>Hans Busch</personname>
</author>
<revremark>Clarify authentication within the established tunnel.</revremark>
</revision>
</revhistory>
</info>
<chapter>
Expand Down Expand Up @@ -197,6 +205,8 @@
<para>The remote client shall authenticate itself using a valid server certificate. The service shall verify the validity of the remote certificate according to RFC 6125. </para>
<para>The service shall authenticate itself at the remote client using TLS client authentication according to RFC 5246 or subsequent specifications.</para>
<para>To uniquely identify local service on remote client, it is recommended to have a unique client certificate installed on each local service. For example, CN field or Serial number of installed certificate could be used to uniquely identify the local service.</para>
<para>The device shall assign any tunneled HTTP or RTSP request the UserLevel that is
configured for the configuration without the need of further authentication request headers. </para>
</section>
<section>
<title>HTTP/2 Frames</title>
Expand Down Expand Up @@ -273,6 +283,12 @@
<para role="text">List of configurations.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>access class</term>
<listitem>
<para role="access">READ_SYSTEM</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section>
Expand All @@ -292,6 +308,12 @@
<para role="text">This message is empty</para>
</listitem>
</varlistentry>
<varlistentry>
<term>access class</term>
<listitem>
<para role="access">WRITE_SYSTEM</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section>
Expand All @@ -311,6 +333,12 @@
<para role="text">This message is empty</para>
</listitem>
</varlistentry>
<varlistentry>
<term>access class</term>
<listitem>
<para role="access">WRITE_SYSTEM</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section>
Expand Down
Loading

0 comments on commit 464b988

Please sign in to comment.