[Standards] updated STUN discovery proposal
Sean Egan
seanegan at gmail.com
Thu Apr 19 12:59:00 CDT 2007
On 4/19/07, Greg Hudson <ghudson at mit.edu> wrote:
> On Thu, 2007-04-19 at 10:08 -0700, Sean Egan wrote:
> > I'm mostly fine with as long as we can put a "username" and "password"
> > attribute in there to allow for authentication with the STUN server.
> A STUN server just tells you what your IP address and port are, right?
> Why would you need authentication for that? Denying a request is about
> as expensive as honoring one.
For STUN binding requests, authentication isn't typically necessary
(although supported). It's for STUN *allocate* requests (part of
TURN), in which the STUN server will relay your traffic for you, that
we want to authenticate people.
More information about the Standards
mailing list