Add an ONC property for the third-party VPN provider extension ID

components/onc/docs/onc_spec.html

 <!DOCTYPE html>
 <html>
 <head>
   <meta charset="utf-8">
   <link rel="stylesheet" href="onc_spec.css" >
   <script src="onc_spec.js"></script>
   <title>Open Network Configuration Format</title>
 </head>
 <body>
 
@@ skipping 822 matching lines @@
     <dt class="field">L2TP</dt>
     <dd>
       <span class="field_meta">
         (required if <span class="field">Type</span> is
         <span class="value">L2TP-IPsec</span>, otherwise ignored)
         <span class="type">L2TP</span>
       </span>
       L2TP layer settings.
     </dd>
 
     <dt class="field">OpenVPN</dt>

[pneubeck (no reviews), 2015/03/18 19:35:29]

like this field, the description for ThirdPartyVPN is missing.

[bartfab (slow), 2015/03/18 20:02:14]

Done.

     <dd>
       <span class="field_meta">
         (required if <span class="field">Type</span> is
         <span class="value">OpenVPN</span>, otherwise ignored)
         <span class="type">OpenVPN</span>
       </span>
       OpenVPN settings.
     </dd>
 
     <dt class="field">Type</dt>
     <dd>
       <span class="field_meta">
         (required)
         <span class="type">string</span>
       </span>
       <span class="rule">
         <span class="rule_id"></span>
         Allowed values are <span class="value">IPsec</span>,
-        <span class="value">L2TP-IPsec</span>, and
-        <span class="value">OpenVPN</span>.
+        <span class="value">L2TP-IPsec</span>,
+        <span class="value">OpenVPN</span>, and
+        <span class="value">ThirdPartyVPN</span>.

[pneubeck (no reviews), 2015/03/18 19:35:29]

You're right!
The constant is called kThirdPartyVpn
but its value is "ThirdPartyVPN"   !!!

[bartfab (slow), 2015/03/18 20:02:14]

Acknowledged.

       </span>
       Type of the VPN.
     </dd>
   </dl>
 
   <section>
     <h1>IPsec-based VPN types</h1>
     <p>
       The <span class="type">IPsec</span> type contains the following:
     </p>
@@ skipping 699 matching lines @@
 
     <dt class="field">Type</dt>
     <dd>
       <span class="field_meta">
         (optional)
         <span class="type">string</span>
       </span>
       Determines which of the host's X.509 names will be verified. Allowed values are <span class="value">name</span>, <span class="value">name-prefix</span> and <span class="value">subject</span>. See OpenVPN's documentation for "--verify-x509-name" for the meaning of each value. Defaults to OpenVPN's default if not specified. 
     </dd>
   </dl>
+</section>
 
+<section>
+  <h1>Third-party VPN provider based connections and types</h1>
+  <p>
+    <span class="field">VPN.Type</span> must be
+    <span class="value">ThirdPartyVPN</span>.
+  </p>
+
+  <p>
+    <span class="type">ThirdPartyVPN</span> type contains the following:
+  </p>
+
+  <dl class="field_list">
+    <dt class="field">ExtensionID</dt>
+    <dd>
+      <span class="field_meta">
+        (required)
+        <span class="type">string</span>
+      </span>
+      The extension ID of the third-party VPN provider used by this network.
+    </dd>
+  </dl>
 </section>
 
 </section>
 
 <section>
   <h1>Client certificate patterns</h1>
   <p>
     In order to allow clients to securely key their private keys and request
     certificates through PKCS#10 format or through a web flow, we provide
     alternative CertificatePattern types. The
@@ skipping 1450 matching lines @@
     is transmitted or saved to disk should be secure. On client device, when
     user names for connections that are user-specific are persisted to disk,
     they should be stored in a location that is encrypted. Users can also opt in
     these cases to not save their user credentials in the config file and will
     instead be prompted when they are needed.
   </p>
 </section>
 </section>
 </body>
 </html>