[Freeswitch-users] Authorizations when using DNS SRV bug?

Carlos S. Antunes csa at nowthor.com
Thu Aug 20 15:18:22 PDT 2009

Raymond Chandler wrote:
> On Aug 20, 2009, at 5:25 PM, Carlos S. Antunes wrote:
>> Raymond Chandler wrote:
>>> On Aug 20, 2009, at 5:03 PM, Carlos S. Antunes wrote:
>>>> Hmm, where does it say that, after the lookup, one cannot use the same
>>>> IP address as before? :)
>>> Section 4 of RFC3263 as quoted in my first email....
>>> "The procedures here MUST be done exactly once per transaction, 
>>> where transaction is as defined in [1]. 
>>> "
>> Raymond, sure. But do the "procedures here" preclude one from 
>> choosing the same host given that both the priorities and weights are 
>> the same for all the hosts?
> well, not exactly, in fact... every so often, you will end up choosing 
> the same 1 out of 4 hosts twice in a row at random

Exactly! :)

> but the procedures basically say to choose one at random

Right, but isn't the generator pseudo-random, instead? (If one takes 
"random" literally, pseudo-random would violate the spec!) What prevents 
one from using the "right" pseudo-random generator?

> That said, I'm really just about done with this thread since I don't 
> personally agree with the spec in this case anyway since stale nonce 
> checking makes sense to avoid replay attacks, etc.  Although, I 
> haven't looked at the specs to see if checking for stale nonces breaks 
> any specs... that might be an interesting search ;-)

I am going to try to find an appropriate IETF mailing list to ask some 
questions about this random SRV stuff and will repost here once I have 
some additional info.

Thanks for trying to keep me honest, though! :)

Carlos Antunes
Nowthor Corporation

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20090820/857a3c56/attachment-0002.html 

More information about the FreeSWITCH-users mailing list