Bonjour Simon, On 28/07/2014 03:09, Simon Perreault wrote: > Le 2014-07-26 11:00, Brian E Carpenter a écrit : >> Problem 6 (Hosting multiple realms on a single IP address is >> challenging...) >> doesn't really seem to be a problem with authentication as such, so while >> it's clearly a problem, is it in scope? It isn't quite clear to me that >> there's a security threat there. > > IMHO the draft is not limited to *security* problems, but any kind of > problem caused by STUN's current authentication mechanism. Problem 6 is > indeed a "missing functionality" problem.
Sure. In the introduction, the draft says This note focuses on listing the problems with current STUN authentication for TURN so that it can serve as the basis for stronger authentication mechanisms. That made me think that the scope was intended to be security issues, that's all. Not a big deal, but you could clarify the scope, e.g. This note focuses on listing security and practical problems with current STUN authentication for TURN so that it can serve as the basis for stronger authentication mechanisms. Brian _______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
