<div dir="ltr"><div class="gmail_default" style="color:#660000">So as opposed to spoofing, there is also the case that someone having a copy of Asteirsk in a virtual machine clones it, and ends up with two instances reporting the same random ID. With the spoofing detection mechanism (using tokens to get an ID from the server), the effect of this case is minimized as each one will end up getting a new ID after token timeout.</div><div class="gmail_default" style="color:#660000"><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 12, 2015 at 12:59 PM, Tzafrir Cohen <span dir="ltr"><<a href="mailto:tzafrir.cohen@xorcom.com" target="_blank">tzafrir.cohen@xorcom.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Quoting the spec:<br>
<br>
| Spoofing<br>
|<br>
| In order to limit spoofing, the server will return a token for all<br>
| accepted requests to a server. Any subsequent requests to that resource<br>
| must present the token in the request. If a subsequent request fails to<br>
| provide the token, the request is rejected. Tokens expire after 48<br>
| hours, at which point, a request does not have to provide a token. If a<br>
| request does provide a token that is expired - and no token is required<br>
| at that point - the request should be accepted and a new token granted.<br>
| Once a request is made without a token (and no token is expected), a new<br>
| token is issued for subsequent requests.<br>
|<br>
| So long as Asterisk's transmission of data occurs faster than once every<br>
| 48 hours, a malicious entity will not be able to spoof a resource. If a<br>
| system is down then a remote system can 'take over' a system, and the<br>
| legitimate system's attempts will be rejected. If that occurs... oh<br>
| well. It is anonymous data.<br>
<br>
I'm not sure I understand the need for the token. The Debian<br>
popularity-contest (popcon, [1]) only identifies systems by a single<br>
random token (MY_HOSTID in /etc/popularity-contest.conf). It supports<br>
sending information by mail as well (thus: completely<br>
non-interactively). I don't see what the extra temporary token buys<br>
here.<br>
<br>
Just send a report that includes the (random) server ID. Nobody should<br>
be able to copy those (as they are only sent encrypted over the<br>
internet). And in any event, why would anybody want to spoof that (as<br>
opposed to merely add records to skew the stats, which is possible<br>
either way just as easily).<br>
<br>
What am I missing here?<br>
<br>
[1] <a href="https://packages.debian.org/sid/popularity-contest" target="_blank">https://packages.debian.org/sid/popularity-contest</a><br>
<div class="HOEnZb"><div class="h5"><br>
--<br>
Tzafrir Cohen<br>
icq#16849755 <a href="mailto:jabber%3Atzafrir.cohen@xorcom.com">jabber:tzafrir.cohen@xorcom.com</a><br>
+972-50-7952406 mailto:<a href="mailto:tzafrir.cohen@xorcom.com">tzafrir.cohen@xorcom.com</a><br>
<a href="http://www.xorcom.com" target="_blank">http://www.xorcom.com</a><br>
<br>
--<br>
_____________________________________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
<br>
asterisk-dev mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-dev" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-dev</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><img alt="Digium logo" src="https://my.digium.com/images/graphics/digium_RGB_signature.gif" width="288" height="50" style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px"><div>Scott Griepentrog<br>Digium, Inc · Software Developer<br>445 Jan Davis Drive NW · Huntsville, AL 35806 · US<br>direct/fax: +1 256 428 6239 · mobile: +1 256 580 6090<br>Check us out at: <a href="http://digium.com" target="_blank">http://digium.com</a> · <a href="http://asterisk.org" target="_blank">http://asterisk.org</a><br></div></div></div>
</div>