[Freeswitch-users] Authorizations when using DNS SRV bug?
Carlos S. Antunes
csa at nowthor.com
Thu Aug 20 15:18:22 PDT 2009
Raymond Chandler wrote:
>
> On Aug 20, 2009, at 5:25 PM, Carlos S. Antunes wrote:
>
>> Raymond Chandler wrote:
>>> On Aug 20, 2009, at 5:03 PM, Carlos S. Antunes wrote:
>>>> Hmm, where does it say that, after the lookup, one cannot use the same
>>>> IP address as before? :)
>>>
>>> Section 4 of RFC3263 as quoted in my first email....
>>>
>>> "The procedures here MUST be done exactly once per transaction,
>>> where transaction is as defined in [1].
>>> "
>>>
>>
>> Raymond, sure. But do the "procedures here" preclude one from
>> choosing the same host given that both the priorities and weights are
>> the same for all the hosts?
>
>
> well, not exactly, in fact... every so often, you will end up choosing
> the same 1 out of 4 hosts twice in a row at random
Exactly! :)
> but the procedures basically say to choose one at random
Right, but isn't the generator pseudo-random, instead? (If one takes
"random" literally, pseudo-random would violate the spec!) What prevents
one from using the "right" pseudo-random generator?
>
> That said, I'm really just about done with this thread since I don't
> personally agree with the spec in this case anyway since stale nonce
> checking makes sense to avoid replay attacks, etc. Although, I
> haven't looked at the specs to see if checking for stale nonces breaks
> any specs... that might be an interesting search ;-)
>
I am going to try to find an appropriate IETF mailing list to ask some
questions about this random SRV stuff and will repost here once I have
some additional info.
Thanks for trying to keep me honest, though! :)
Carlos Antunes
Nowthor Corporation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20090820/857a3c56/attachment-0002.html
More information about the FreeSWITCH-users
mailing list