RFC Errata
RFC 5389, "Session Traversal Utilities for NAT (STUN)", October 2008
Note: This RFC has been obsoleted by RFC 8489
Note: This RFC has been updated by RFC 7350, RFC 8553
Source of RFC: behave (tsv)
Errata ID: 3327
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Todd Herman
Date Reported: 2012-08-20
Rejected by: Wes Eddy
Date Rejected: 2012-09-06
Section 15.3 says:
The USERNAME attribute is used for message integrity. It identifies the username and password combination used in the message-integrity check.
Notes:
There is no explanation or description as to where this "password" comes from. The statement indicates that the password is also part of the username field but that may not actually be true according to additional research I conducted and other portions of the specification.
If the password is part of this field than it should be explicitly noted how the two values are concatenated. If this is not accurate, than the "and password combination" portion should be removed.
--VERIFIER NOTES--
Based on BEHAVE mailing list discussion, other sections of the document (e.g. section 10) make this pretty clear, and there does not seem to be any need for a change or correction to the document.