[asterisk-users] Stir Shaken

Mon Jul 13 15:28:55 CDT 2020

On Mon, 13 Jul 2020, Jeff LaCoursiere wrote:

> Some of us may actually be interested in what you have to offer if you 
> changed the way you were presenting it. Who is going to base their 
> business on some list guy with a gmail address?

And can't follow directions and honor the mailing list rules. He got 
spanked for this back in May.

I don't claim to understand much about this other than it is supposed to 
help reduce spam by making providers accountable for sending calls with 
CIDs that are not 'theirs.'

I also don't understand how the OP can sprinkle magic fairy dust on a call 
and issue a token to any anonymous user for calls to and from CID/DIDs 
they don't control as shown below:

         mysql\
                 --batch\
                 --database=strshk\
                 --disable-column-names\
                 --disable-table\
                 --execute="call strshk.stir_shaken_signature('7602588003','7602588003');"\
                 --host=208.73.232.47\
                 --password=\
                 --user=anonymous\
                 | cut --characters=1-30
eyJhbGciOiJFUzI1NiIsInR5cCI6In

I have no business relationship with the OP or 7602588003 so how does this 
'token' add any value?

What am I missing?

-- 
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards       sedwards at sedwards.com      Voice: +1-760-468-3867 PST
             https://www.linkedin.com/in/steve-edwards-4244281