The collaboration and video chat service uses the WebRTC protocol and a javascript browser app, while communicating with the peers over a ZeroTier network. To facilitate the initiation of a meeting, Capitar.IO provides a signalling service. Once a participant has joined a meeting, the communication within the meeting is direct, and is not handled by the signaling service.

Capitar provides a public ZeroTier network that is segmented using tags and capabilities to limit the network connectivity to the meeting participants only. Access management to the ZeroTier network is handled by the Capitar.IO signalling service, including the provisioning of the required tags and capabilities to enble a device to communicate to its meeting peers.

Alternatively, a meeting can also be started using your own ZeroTier network. In that case you will need to authorize the devices of the meeting participants, using the ZeroTier Central portal at https://my.zerotier.com.

Access to a meeting is granted, using the meeting url as the identifier and the meeting access token as the shared encryption key of the participants. The only information that the Capitar.IO signalling service can see is the meeting URL and the public IP of the clients and some characteristics of the browser / OS.

In the case of meet.capitar.io, the public ZeroTier network managed by Capitar IT Group, the signalling service will also see the verified ZeroTier ID of the device

All other information that is part of the signalling exchange is encrypted, and can only be deciphered with the shared access token.

The meet.capitar.io public network ID is: 9867e0eafdb5d4b6

Access to the meeting is granted to everyone who provides a valid meeting URL. When using the public meet.capitar.io ZeroTier network, their devices are also automatically provisioned with the rights to communicate to other users in the same meeting. Further, in order be able to communicate in the meeting, and to initialize WebRTC video session, they will need to have the valid access token..

For example:

https://capitar.io/r/n/9867e0eafdb5d4b6/I0sRSNVh/StandUp

The meeting URL is prefixed with /r/n and consists of the following:

• The ZeroTier network ID used for the meeting: 9867e0eafdb5d4b6

• The meeting ID: I0sRSNVh

• The meeting topic: StandUp

• Optionally, the URL can also include the scheduled time of the meeting.

  For example: https://capitar.io/r/n/9867e0eafdb5d4b6/I0sRSNVh/StandUp/1590822631927

This timestamp is interpreted in the browser and presented in the local time like:

Sat May 30 2020 09:10:31 GMT+0200 (Central European Summer Time)

The access token is used to encrypt the signaling communication between the meeting participants. If participants do not use the same access token, they will not be able to ‘see’ each other and appear to be the only participanti in the meeting with the same meeting URL.

The setting allowGlobal=true is needed if you want to use a Chromum based browser or use a Mac. When joining the ZeroTier network enable allowGlobal to publish a route to 2001:4860:4860::8844/127. and 2001:4860:4860::8888/127. This is a work-around needed because we use IPv6 in our virtual network and these devices only will use IPv6 if they have access to the Google IPv6 nameservers.

Yes, you can use your own network, private or public. In that case, you will need to authorise the devices as needed. The requirements for the network are:

• Configured for 6PLANE
• Allow IPv6 UDP for port 10,000 and higher between all devices.