[ RFC Index | RFC Search | Usenet FAQs | Web FAQs | Documents | Cities ]
    Search the Archives
Display RFC by number
    

RFC 3489: Hi, Iam currently Implementing rfc3489. As stated in...

<< Back to: RFC 3489

 
Reader comments:
 

Comment by SaravananS
Submitted on 9/20/2005
Related RFC: RFC 3489
Rating: Rate this comment: Vote
Hi, Iam currently Implementing rfc3489.  As stated in rfc3489, for authentication, the STUN client will send the shared secret request over TCP and the STUN server will give temporary USERNAME and PASSWORD.  But what is the use of PASSWORD Attribute?What is the use of TLS?The Server sends USERNAME and PASSWORD attributes in Shared Secret Response,       USERNAME =<prefix,rounded-time,clientIP,hmac>    PASSWORD =<hmac(USERNAME,anotherprivatekey>Since all attributes are optional in STUN Client Side.  What is the use of getting Username and password.We can extract USERNAME without the knowledge of PASSWORD attribute in Client Side.  The what is the use of hmacing USERNAME in PASSWORD attribute.As my suggestion, section8.2 is not clear in RFC 3489

 
 
FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.

<< Back to: RFC 3489
© 2008 FAQS.ORG. All rights reserved.