Network Working Group C. Jennings
Internet-Draft Cisco Systems
Intended status: Informational K. Ono
Expires: July 18, 2011 Columbia University
R. Sparks
B. Hibbard, Ed.
Tekelec
January 14, 2011
Example call flows using Session Initiation Protocol (SIP) security
mechanisms
draft-ietf-sipcore-sec-flows-08
Abstract
This document shows example call flows demonstrating the use of
Transport Layer Security (TLS), and Secure/Multipurpose Internet Mail
Extensions (S/MIME) in Session Initiation Protocol (SIP). It also
provides information that helps implementers build interoperable SIP
software. To help facilitate interoperability testing, it includes
certificates used in the example call flows and processes to create
certificates for testing.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 18, 2011.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Jennings, et al. Expires July 18, 2011 [Page 1]
Internet-Draft SIP Secure Call Flows January 2011
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Certificates . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. CA Certificates . . . . . . . . . . . . . . . . . . . . . 4
2.2. Host Certificates . . . . . . . . . . . . . . . . . . . . 8
2.3. User Certificates . . . . . . . . . . . . . . . . . . . . 10
3. Callflow with Message Over TLS . . . . . . . . . . . . . . . . 12
3.1. TLS with Server Authentication . . . . . . . . . . . . . . 12
3.2. MESSAGE Transaction Over TLS . . . . . . . . . . . . . . . 13
4. Callflow with S/MIME-secured Message . . . . . . . . . . . . . 15
4.1. MESSAGE Request with Signed Body . . . . . . . . . . . . . 15
4.2. MESSAGE Request with Encrypted Body . . . . . . . . . . . 20
4.3. MESSAGE Request with Encrypted and Signed Body . . . . . . 22
5. Observed Interoperability Issues . . . . . . . . . . . . . . . 29
6. Additional Test Scenarios . . . . . . . . . . . . . . . . . . 31
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 35
9. Security Considerations . . . . . . . . . . . . . . . . . . . 36
10. Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . 37
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 40
11.1. Normative References . . . . . . . . . . . . . . . . . . . 40
11.2. Informative References . . . . . . . . . . . . . . . . . . 41
Appendix A. Making Test Certificates . . . . . . . . . . . . . . 43
A.1. makeCA script . . . . . . . . . . . . . . . . . . . . . . 44
A.2. makeCert script . . . . . . . . . . . . . . . . . . . . . 48
Appendix B. Certificates for Testing . . . . . . . . . . . . . . 51
B.1. Certificates Using EKU . . . . . . . . . . . . . . . . . . 51
B.2. Certificates NOT Using EKU . . . . . . . . . . . . . . . . 58
B.3. Certificate Chaining with a Non-Root CA . . . . . . . . . 66
Appendix C. Message Dumps . . . . . . . . . . . . . . . . . . . . 73
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 76
Jennings, et al. Expires July 18, 2011 [Page 2]
Internet-Draft SIP Secure Call Flows January 2011
1. Introduction
This document is informational and is not normative on any aspect of
SIP.
SIP with TLS ([RFC5246]) implementations are becoming very common.
Several implementations of the S/MIME ([RFC5751]) portion of SIP
([RFC3261]) are also becoming available. After several
interoperability events, it is clear that it is difficult to write
these systems without any test vectors or examples of "known good"
messages to test against. Furthermore, testing at the events is
often hindered due to the lack of a commonly trusted certificate
authority to sign the certificates used in the events. This document
addresses both of these issues by providing messages that give
detailed examples that implementers can use for comparison and that
can also be used for testing. In addition, this document provides a
common certificate and private key that can be used to set up a mock
Certificate Authority (CA) that can be used during the SIP
interoperability events. Certificate requests from the users will be
signed by the private key of the mock CA. The document also provides
some hints and clarifications for implementers.
A simple SIP call flow using SIPS URIs and TLS is shown in Section 3.
The certificates for the hosts used are shown in Section 2.2, and the
CA certificates used to sign these are shown in Section 2.1.
The text from Section 4.1 through Section 4.3 shows some simple SIP
call flows using S/MIME to sign and encrypt the body of the message.
The user certificates used in these examples are shown in
Section 2.3. These host certificates are signed with the same mock
CA private key.
Section 5 presents a partial list of items that implementers should
consider in order to implement systems that will interoperate.
Scripts and instructions to make certificates that can be used for
interoperability testing are presented in Appendix A, along with
methods for converting these to various formats. The certificates
used while creating the examples and test messages in this document
are made available in Appendix B.
Binary copies of various messages in this document that can be used
for testing appear in Appendix C.
Jennings, et al. Expires July 18, 2011 [Page 3]
Internet-Draft SIP Secure Call Flows January 2011
2. Certificates
2.1. CA Certificates
The certificate used by the CA to sign the other certificates is
shown below. This is a X509v3 certificate. Note that the X.509v3
Basic Constraints in the certificate allows it to be used as a CA,
certificate authority. This certificate is not used directly in the
TLS call flow; it is used only to verify user and host certificates.
Version: 3 (0x2)
Serial Number:
96:a3:84:17:4e:ef:8a:4c
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit,
OU=Sipit Test Certificate Authority
Validity
Not Before: Dec 6 22:36:29 2010 GMT
Not After : Nov 12 22:36:29 2110 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit,
OU=Sipit Test Certificate Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:ec:c0:ad:ec:3b:0d:7b:6a:95:24:96:dc:33:c2:
1d:f6:b3:0d:af:ed:5f:73:9c:b5:5f:dc:3a:21:95:
20:81:c1:29:63:a0:34:86:ed:f1:4c:8a:66:90:37:
95:ab:0f:8c:b2:da:55:a9:ca:ca:ae:50:10:eb:34:
28:d7:d8:98:5b:14:ec:fc:c4:55:d4:c6:63:5a:ee:
e8:ec:41:08:d3:be:28:9e:b1:89:4d:d2:6b:57:f6:
aa:77:c9:08:fc:f9:25:a0:a3:e3:cc:bf:f0:c0:f2:
99:59:e5:ef:cf:0a:3a:d7:38:bc:6b:f9:6c:ff:6e:
a0:d0:b2:62:4f:98:72:f0:f0:1d:1d:40:84:50:05:
9b:6e:15:3c:49:b6:9d:58:05:a1:0d:cf:91:ee:ed:
28:0f:0f:e1:0f:71:8a:a6:6e:7c:2a:ad:ae:ae:c4:
8d:8e:2a:2e:8a:a2:ac:67:85:2e:aa:82:0e:4b:38:
b1:e9:f2:84:23:0c:98:e0:57:b8:38:70:f4:89:a9:
94:cb:9a:5e:15:52:ba:45:0a:80:9f:33:82:cf:e2:
f2:eb:8f:f9:61:3c:8a:eb:74:b1:7c:87:f9:0c:2f:
20:ce:0d:be:69:8f:d1:bc:5d:c5:8a:e5:1a:0b:5d:
70:65:c8:02:f3:46:85:25:d3:88:8c:dd:80:55:d9:
69:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:37:8E:47:C7:5A:34:DB:7A:D9:F8:76:B6:75:8E:D0:E4:13:17:45
X509v3 Authority Key Identifier:
Jennings, et al. Expires July 18, 2011 [Page 4]
Internet-Draft SIP Secure Call Flows January 2011
BB:37:8E:47:C7:5A:34:DB:7A:D9:F8:76:B6:75:8E:D0:E4:13:17:45
DirName:/C=US/ST=California/L=San Jose/O=sipit/
OU=Sipit Test Certificate Authority
serial:96:A3:84:17:4E:EF:8A:4C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
b1:75:d4:56:ab:70:14:a0:ee:67:a3:ec:07:0c:1d:8b:2c:5f:
d7:1c:f3:e3:01:ba:3d:9d:da:47:49:31:d5:81:f5:2d:d2:66:
a5:2c:1f:db:c3:2d:8a:32:6a:ec:22:8b:b1:58:63:57:23:88:
34:9f:6c:df:8c:7b:73:8c:2a:7c:d3:23:02:97:54:76:f3:34:
25:7f:d1:ad:25:87:17:56:30:61:43:f4:16:63:77:0f:7b:a7:
b0:0b:97:1b:05:f2:5c:86:2c:a9:d5:3b:cb:73:92:a2:3c:dc:
7e:12:30:86:9e:f8:57:6c:a2:a4:28:51:e4:f7:f0:ce:29:9c:
82:34:f2:02:3c:43:62:36:94:44:c1:ad:b4:79:f7:6e:f9:e2:
bd:f9:15:cc:e8:de:b0:9d:9c:2f:18:30:a9:eb:3f:d4:56:c9:
61:8d:78:b2:fb:4e:e5:22:1d:00:c4:cf:ce:9c:fe:d6:f1:4f:
01:9d:92:58:e0:78:2a:cb:69:36:18:ac:1b:53:0d:86:b1:91:
34:8b:de:05:5d:22:18:2a:67:e5:ea:f2:77:01:d6:9c:60:17:
06:84:83:6f:b6:88:7e:ce:c8:63:d4:30:6d:90:72:fe:59:f4:
32:04:e6:af:d4:be:99:44:c8:de:3d:01:88:d7:8a:35:30:c2:
2d:77:e9:70
The certificate content shown above and throughout this document was
rendered by the OpenSSL "x509" tool. These dumps are included only
as informative examples. Output may vary among future revisions of
the tool. At the time of this document's publication, there were
some irregularities in the output shown above that are worth noting.
First, the presentation of Distinguished Names (DN) is inconsistent,
e.g. the "Issuer" field appears to be in Lightweight Directory Access
Protocol (LDAP) format, while the "DirName" field in the "X509v3
extensions" portion appears to be in Distributed Computing
Environment (DCE) format. Second, if LDAP format was intended, the
spaces should have been omitted after the delimiting commas, and the
elements should have been presented in order of most-specific to
least-specific. Please refer to Appendix A of [RFC4514]. Using the
"Issuer" DN from above as an example and following guidelines in
[RFC4514], it should have instead appeared as:
Issuer: OU=Sipit Test Certificate Authority,O=sipit,L=San Jose,
ST=California,C=US
The ASN.1 parse of the CA certificate is shown below.
0:l=1083 cons: SEQUENCE
4:l= 803 cons: SEQUENCE
Jennings, et al. Expires July 18, 2011 [Page 5]
Internet-Draft SIP Secure Call Flows January 2011
8:l= 3 cons: cont [ 0 ]
10:l= 1 prim: INTEGER :02
13:l= 9 prim: INTEGER :96A384174EEF8A4C
24:l= 13 cons: SEQUENCE
26:l= 9 prim: OBJECT :sha1WithRSAEncryption
37:l= 0 prim: NULL
39:l= 112 cons: SEQUENCE
41:l= 11 cons: SET
43:l= 9 cons: SEQUENCE
45:l= 3 prim: OBJECT :countryName
50:l= 2 prim: PRINTABLESTRING :US
54:l= 19 cons: SET
56:l= 17 cons: SEQUENCE
58:l= 3 prim: OBJECT :stateOrProvinceName
63:l= 10 prim: PRINTABLESTRING :California
75:l= 17 cons: SET
77:l= 15 cons: SEQUENCE
79:l= 3 prim: OBJECT :localityName
84:l= 8 prim: PRINTABLESTRING :San Jose
94:l= 14 cons: SET
96:l= 12 cons: SEQUENCE
98:l= 3 prim: OBJECT :organizationName
103:l= 5 prim: PRINTABLESTRING :sipit
110:l= 41 cons: SET
112:l= 39 cons: SEQUENCE
114:l= 3 prim: OBJECT :organizationalUnitName
119:l= 32 prim: PRINTABLESTRING :Sipit Test Certificate Authority
153:l= 32 cons: SEQUENCE
155:l= 13 prim: UTCTIME :101206223629Z
170:l= 15 prim: GENERALIZEDTIME :21101112223629Z
187:l= 112 cons: SEQUENCE
189:l= 11 cons: SET
191:l= 9 cons: SEQUENCE
193:l= 3 prim: OBJECT :countryName
198:l= 2 prim: PRINTABLESTRING :US
202:l= 19 cons: SET
204:l= 17 cons: SEQUENCE
206:l= 3 prim: OBJECT :stateOrProvinceName
211:l= 10 prim: PRINTABLESTRING :California
223:l= 17 cons: SET
225:l= 15 cons: SEQUENCE
227:l= 3 prim: OBJECT :localityName
232:l= 8 prim: PRINTABLESTRING :San Jose
242:l= 14 cons: SET
244:l= 12 cons: SEQUENCE
246:l= 3 prim: OBJECT :organizationName
251:l= 5 prim: PRINTABLESTRING :sipit
258:l= 41 cons: SET
Jennings, et al. Expires July 18, 2011 [Page 6]
Internet-Draft SIP Secure Call Flows January 2011
260:l= 39 cons: SEQUENCE
262:l= 3 prim: OBJECT :organizationalUnitName
267:l= 32 prim: PRINTABLESTRING :Sipit Test Certificate Authority
301:l= 290 cons: SEQUENCE
305:l= 13 cons: SEQUENCE
307:l= 9 prim: OBJECT :rsaEncryption
318:l= 0 prim: NULL
320:l= 271 prim: BIT STRING
00 30 82 01 0a 02 82 01-01 00 ec c0 ad ec 3b 0d .0............;.
7b 6a 95 24 96 dc 33 c2-1d f6 b3 0d af ed 5f 73 {j.$..3......._s
9c b5 5f dc 3a 21 95 20-81 c1 29 63 a0 34 86 ed .._.:!. ..)c.4..
f1 4c 8a 66 90 37 95 ab-0f 8c b2 da 55 a9 ca ca .L.f.7......U...
ae 50 10 eb 34 28 d7 d8-98 5b 14 ec fc c4 55 d4 .P..4(...[....U.
c6 63 5a ee e8 ec 41 08-d3 be 28 9e b1 89 4d d2 .cZ...A...(...M.
6b 57 f6 aa 77 c9 08 fc-f9 25 a0 a3 e3 cc bf f0 kW..w....%......
c0 f2 99 59 e5 ef cf 0a-3a d7 38 bc 6b f9 6c ff ...Y....:.8.k.l.
6e a0 d0 b2 62 4f 98 72-f0 f0 1d 1d 40 84 50 05 n...bO.r....@.P.
9b 6e 15 3c 49 b6 9d 58-05 a1 0d cf 91 ee ed 28 .n.<I..X.......(
0f 0f e1 0f 71 8a a6 6e-7c 2a ad ae ae c4 8d 8e ....q..n|*......
2a 2e 8a a2 ac 67 85 2e-aa 82 0e 4b 38 b1 e9 f2 *....g.....K8...
84 23 0c 98 e0 57 b8 38-70 f4 89 a9 94 cb 9a 5e .#...W.8p......^
15 52 ba 45 0a 80 9f 33-82 cf e2 f2 eb 8f f9 61 .R.E...3.......a
3c 8a eb 74 b1 7c 87 f9-0c 2f 20 ce 0d be 69 8f <..t.|.../ ...i.
d1 bc 5d c5 8a e5 1a 0b-5d 70 65 c8 02 f3 46 85 ..].....]pe...F.
25 d3 88 8c dd 80 55 d9-69 9b 02 03 01 00 01 %.....U.i......
595:l= 213 cons: cont [ 3 ]
598:l= 210 cons: SEQUENCE
601:l= 29 cons: SEQUENCE
603:l= 3 prim: OBJECT :X509v3 Subject Key Identifier
608:l= 22 prim: OCTET STRING
04 14 bb 37 8e 47 c7 5a-34 db 7a d9 f8 76 b6 75 ...7.G.Z4.z..v.u
8e d0 e4 13 17 45 .....E
632:l= 162 cons: SEQUENCE
635:l= 3 prim: OBJECT :X509v3 Authority Key Identifier
640:l= 154 prim: OCTET STRING
30 81 97 80 14 bb 37 8e-47 c7 5a 34 db 7a d9 f8 0.....7.G.Z4.z..
76 b6 75 8e d0 e4 13 17-45 a1 74 a4 72 30 70 31 v.u.....E.t.r0p1
0b 30 09 06 03 55 04 06-13 02 55 53 31 13 30 11 .0...U....US1.0.
06 03 55 04 08 13 0a 43-61 6c 69 66 6f 72 6e 69 ..U....Californi
61 31 11 30 0f 06 03 55-04 07 13 08 53 61 6e 20 a1.0...U....San
4a 6f 73 65 31 0e 30 0c-06 03 55 04 0a 13 05 73 Jose1.0...U....s
69 70 69 74 31 29 30 27-06 03 55 04 0b 13 20 53 ipit1)0'..U... S
69 70 69 74 20 54 65 73-74 20 43 65 72 74 69 66 ipit Test Certif
69 63 61 74 65 20 41 75-74 68 6f 72 69 74 79 82 icate Authority.
09 00 96 a3 84 17 4e ef-8a 4c ......N..L
797:l= 12 cons: SEQUENCE
799:l= 3 prim: OBJECT :X509v3 Basic Constraints
804:l= 5 prim: OCTET STRING
Jennings, et al. Expires July 18, 2011 [Page 7]
Internet-Draft SIP Secure Call Flows January 2011
30 03 01 01 ff 0....
811:l= 13 cons: SEQUENCE
813:l= 9 prim: OBJECT :sha1WithRSAEncryption
824:l= 0 prim: NULL
826:l= 257 prim: BIT STRING
00 b1 75 d4 56 ab 70 14-a0 ee 67 a3 ec 07 0c 1d ..u.V.p...g.....
8b 2c 5f d7 1c f3 e3 01-ba 3d 9d da 47 49 31 d5 .,_......=..GI1.
81 f5 2d d2 66 a5 2c 1f-db c3 2d 8a 32 6a ec 22 ..-.f.,...-.2j."
8b b1 58 63 57 23 88 34-9f 6c df 8c 7b 73 8c 2a ..XcW#.4.l..{s.*
7c d3 23 02 97 54 76 f3-34 25 7f d1 ad 25 87 17 |.#..Tv.4%...%..
56 30 61 43 f4 16 63 77-0f 7b a7 b0 0b 97 1b 05 V0aC..cw.{......
f2 5c 86 2c a9 d5 3b cb-73 92 a2 3c dc 7e 12 30 .\.,..;.s..<.~.0
86 9e f8 57 6c a2 a4 28-51 e4 f7 f0 ce 29 9c 82 ...Wl..(Q....)..
34 f2 02 3c 43 62 36 94-44 c1 ad b4 79 f7 6e f9 4..<Cb6.D...y.n.
e2 bd f9 15 cc e8 de b0-9d 9c 2f 18 30 a9 eb 3f ........../.0..?
d4 56 c9 61 8d 78 b2 fb-4e e5 22 1d 00 c4 cf ce .V.a.x..N.".....
9c fe d6 f1 4f 01 9d 92-58 e0 78 2a cb 69 36 18 ....O...X.x*.i6.
ac 1b 53 0d 86 b1 91 34-8b de 05 5d 22 18 2a 67 ..S....4...]".*g
e5 ea f2 77 01 d6 9c 60-17 06 84 83 6f b6 88 7e ...w...`....o..~
ce c8 63 d4 30 6d 90 72-fe 59 f4 32 04 e6 af d4 ..c.0m.r.Y.2....
be 99 44 c8 de 3d 01 88-d7 8a 35 30 c2 2d 77 e9 ..D..=....50.-w.
70 p
2.2. Host Certificates
The certificate for the host example.com is shown below. Note that
the Subject Alternative Name is set to example.com and is a DNS type.
The certificates for the other hosts are shown in Appendix B.
Version: 3 (0x2)
Serial Number:
96:a3:84:17:4e:ef:8a:4f
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit,
OU=Sipit Test Certificate Authority
Validity
Not Before: Dec 6 22:43:50 2010 GMT
Not After : Nov 12 22:43:50 2110 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit, CN=example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:9d:26:25:9d:f2:f8:00:ce:3a:8e:e5:11:f8:6a:
3b:0e:ca:0b:7c:ac:74:cb:5a:79:c7:52:1c:ea:cc:
07:86:b7:93:37:6a:0e:2a:00:e6:47:f9:7a:92:b8:
07:c9:2c:1a:9a:34:a0:e0:63:ad:46:6e:d2:82:cc:
Jennings, et al. Expires July 18, 2011 [Page 8]
Internet-Draft SIP Secure Call Flows January 2011
c4:a2:cd:ce:a6:e2:51:d7:9b:ce:39:a8:55:3d:b1:
4a:df:27:d8:8f:02:33:0a:84:5a:a2:ec:d1:b4:c1:
e0:09:79:9f:05:6a:b8:08:38:82:6b:c2:0e:5d:c7:
4f:c5:21:a2:4f:35:4a:5a:96:3a:d6:f2:a0:53:c8:
fe:d7:ee:ef:1b:27:06:08:fe:24:96:04:23:19:7f:
65:4d:81:43:b0:79:47:43:b7:a3:1f:13:58:8e:c0:
e4:92:a7:3d:44:93:4d:74:df:21:13:94:73:48:f0:
6f:cf:8d:a0:6d:2a:67:8e:82:c7:c7:56:af:15:cc:
2d:c0:0e:bf:49:27:0a:bd:a7:7f:71:d4:5e:2b:6e:
f2:c1:37:16:0b:e4:b9:44:29:91:fa:48:0b:48:e8:
e7:32:d4:96:17:56:b9:9a:ba:1b:c1:0e:5f:78:12:
26:06:b4:1f:73:0d:aa:8d:17:dc:29:89:83:fe:08:
71:88:3d:a1:cd:35:49:01:fe:26:df:c7:2c:a8:44:
d9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:example.com, URI:sip:example.com
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
AB:E9:BC:0D:37:A2:45:90:F2:BB:CB:B1:DB:A1:49:28:81:3C:1A:D2
X509v3 Authority Key Identifier:
BB:37:8E:47:C7:5A:34:DB:7A:D9:F8:76:B6:75:8E:D0:E4:13:17:45
DirName:/C=US/ST=California/L=San Jose/O=sipit/
OU=Sipit Test Certificate Authority
serial:96:A3:84:17:4E:EF:8A:4C
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, 1.3.6.1.5.5.7.3.20
Signature Algorithm: sha1WithRSAEncryption
8e:d9:1f:18:52:53:28:77:b9:0a:26:0b:0d:94:d8:3f:fa:01:
a9:72:f2:02:80:3c:f9:01:5c:0a:84:3b:f3:6d:86:b3:ad:7f:
d3:91:e8:0c:b4:76:2f:ec:f6:5a:9a:16:d5:5e:0e:77:e6:e5:
3b:bb:68:51:2b:d8:bf:68:5c:63:4a:d8:2d:84:6b:af:f5:e2:
ea:8c:75:0b:e5:55:bf:5d:f5:bc:bb:ee:f0:62:bc:de:9a:aa:
c5:ae:53:d4:bd:aa:a5:3b:6f:f3:8d:00:2e:2b:c8:ec:ce:2a:
fc:0d:8e:54:8e:4d:01:ea:c0:0a:44:93:03:2d:8f:95:45:2f:
dd:df:33:df:db:96:1f:26:12:2f:b1:17:d2:f0:ab:31:b9:cb:
c4:c1:ae:e6:53:c1:a0:15:79:5b:a2:9d:af:17:b4:ec:72:c2:
9d:38:79:43:c5:58:6e:b6:8e:44:ba:87:03:24:d8:24:ac:12:
1c:be:16:42:32:4e:1b:a8:c3:7f:a9:70:0b:12:c1:8f:98:2c:
b9:23:03:ee:aa:98:5a:48:8f:c8:34:f9:be:73:e5:5c:ae:6b:
a2:b5:8c:04:0f:7c:b1:d2:86:96:e4:c0:d1:f4:11:73:55:df:
e6:3c:7e:17:c6:95:87:b1:a2:87:50:91:d7:ce:68:24:86:c1:
3d:35:c0:d0
Jennings, et al. Expires July 18, 2011 [Page 9]
Internet-Draft SIP Secure Call Flows January 2011
The example host certificate above, as well as all the others
presented in this document, are signed directly by a root CA. These
certificate chains have a length equal to two: the root CA and the
host certificate. Non-root CAs exist and may also sign certificates.
The certificate chains presented by hosts with certificates signed by
non-root CAs will have a length greater than two. For more details
on how certificate chains are validated, see Sections 6.1 and 6.2 of
[RFC5280].
2.3. User Certificates
User certificates are used by many applications to establish user
identity. The user certificate for fluffy@example.com is shown
below. Note that the Subject Alternative Name has a list of names
with different URL types such as a sip, im, or pres URL. This is
necessary for interoperating with a Common Profile for Instant
Messaging (CPIM) gateway. In this example, example.com is the domain
for fluffy. The message could be coming from any host in
*.example.com, and the AOR in the user certificate would still be the
same. The others are shown in Appendix B.1. These certificates make
use of the Extended Key Usage (EKU) extension discussed in [RFC5924].
Note that the X509v3 Extended Key Usage attribute refers to the SIP
OID introduced in [RFC5924], which is 1.3.6.1.5.5.7.3.20
Version: 3 (0x2)
Serial Number:
96:a3:84:17:4e:ef:8a:4d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit,
OU=Sipit Test Certificate Authority
Validity
Not Before: Dec 6 22:43:49 2010 GMT
Not After : Nov 12 22:43:49 2110 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit,
CN=fluffy@example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:c6:a9:ff:b2:e0:63:18:7a:05:b9:9a:31:c0:33:
bb:d4:05:db:a4:df:32:68:41:7e:e5:6c:13:cd:f2:
18:d3:9b:fa:7f:45:92:66:10:a3:f2:4d:ce:40:dd:
1e:df:13:43:b6:d9:f2:cb:44:a0:85:11:51:d2:b0:
f7:9f:d2:3e:af:cd:7d:cb:ab:c0:f0:00:d0:7e:e0:
45:d5:91:45:7a:25:73:d6:08:80:e6:ca:73:61:e1:
04:d3:11:f5:6f:10:00:a9:5d:a7:ac:da:d9:75:92:
14:07:bd:81:26:79:90:4b:99:aa:d8:54:e5:34:6a:
4f:61:e5:e8:22:47:96:f1:e2:5c:e5:a3:09:43:22:
Jennings, et al. Expires July 18, 2011 [Page 10]
Internet-Draft SIP Secure Call Flows January 2011
7b:a5:46:d8:8f:df:c4:18:ed:75:17:00:68:6e:95:
16:e8:ca:15:4c:25:f6:2c:33:86:0e:7a:0f:9d:9a:
a5:e3:8c:3e:ff:c5:32:08:25:bb:52:08:20:8b:95:
46:c9:52:da:7a:15:46:eb:8b:8e:a2:22:b8:e7:ef:
a0:e5:c2:59:83:c8:8b:f7:33:0e:f7:80:b7:11:27:
ac:3e:2c:37:a2:67:2c:22:3b:55:90:a6:ff:c0:df:
63:d1:20:ec:6c:7c:61:2e:b5:d0:28:d7:09:ed:33:
a6:22:9d:00:de:21:bb:7c:53:d1:9f:af:20:23:f4:
dd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
URI:sip:fluffy@example.com, URI:im:fluffy@example.com,
URI:pres:fluffy@example.com
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
13:C1:2F:28:AF:EB:53:7F:1D:4D:66:27:1E:D7:F7:99:56:31:C8:A0
X509v3 Authority Key Identifier:
BB:37:8E:47:C7:5A:34:DB:7A:D9:F8:76:B6:75:8E:D0:E4:13:17:45
DirName:/C=US/ST=California/L=San Jose/O=sipit/
OU=Sipit Test Certificate Authority
serial:96:A3:84:17:4E:EF:8A:4C
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
E-mail Protection, 1.3.6.1.5.5.7.3.20
Signature Algorithm: sha1WithRSAEncryption
5d:d6:f9:23:45:da:7a:51:8b:c6:fe:4b:89:99:81:37:ef:27:
03:aa:e0:ed:8d:ec:d0:bf:6e:4c:0c:63:6a:bb:db:be:9d:6d:
f8:d0:d9:7d:89:78:e3:1f:c6:3b:db:ae:1e:f6:f4:56:00:dd:
f3:0e:2b:f8:70:91:f1:ec:f8:02:06:c1:f3:90:92:b3:25:8d:
54:22:b8:07:4b:a1:ee:5c:5c:17:ac:62:37:28:5f:70:02:b5:
80:09:94:42:cf:e6:f0:70:db:df:d1:94:e1:7d:d5:70:41:1a:
4b:b5:73:ec:4c:78:71:bd:9b:d4:63:d7:57:30:fc:eb:d2:bb:
7d:9c:4e:b9:c2:ea:b6:9b:46:47:46:d0:8d:8e:51:f9:dd:ed:
88:75:2d:18:3b:79:4b:ce:f6:76:7b:f5:2f:71:4b:a4:1d:06:
f8:37:5e:d9:8a:42:5c:76:a3:95:36:f0:9b:ee:5a:55:62:12:
2a:94:4e:fe:37:8b:2e:45:5a:21:1c:47:fd:de:2f:01:3e:77:
b9:24:a6:66:44:95:32:37:2c:4d:90:93:bb:6a:b3:1d:5b:9c:
0c:3b:d6:70:d3:7a:39:46:48:2b:ba:5d:6e:d8:3b:83:cb:cf:
67:5b:0c:2d:2e:4c:ff:12:1e:df:72:75:b3:cf:9d:83:ce:e9:
f4:f4:3c:02
Versions of these certificates that do not make use of EKU are also
included in Appendix B.2
Jennings, et al. Expires July 18, 2011 [Page 11]
Internet-Draft SIP Secure Call Flows January 2011
3. Callflow with Message Over TLS
3.1. TLS with Server Authentication
The flow below shows the edited SSLDump output of the host
example.com forming a TLS [RFC5246] connection to example.net. In
this example mutual authentication is not used. Note that the client
proposed three protocol suites including TLS_RSA_WITH_AES_128_CBC_SHA
defined in [RFC5246]. The certificate returned by the server
contains a Subject Alternative Name that is set to example.net. A
detailed discussion of TLS can be found in SSL and TLS [EKR-TLS].
For more details on the SSLDump tool, see the SSLDump Manual
[ssldump-manpage].
This example does not use the Server Extended Hello (see [RFC5246]).
New TCP connection #1: example.com(58315) <-> example.net(5061)
1 1 0.0004 (0.0004) C>SV3.1(101) Handshake
ClientHello
Version 3.1
random[32]=
4c 09 5b a7 66 77 eb 43 52 30 dd 98 4d 09 23 d3
ff 81 74 ab 04 69 bb 79 8c dc 59 cd c2 1f b7 ec
cipher suites
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DSS_RSA_WITH_AES_256_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_DES_192_CBC3_SHA
TLS_ECDH_RSA_WITH_DES_192_CBC3_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
Jennings, et al. Expires July 18, 2011 [Page 12]
Internet-Draft SIP Secure Call Flows January 2011
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
compression methods
NULL
1 2 0.0012 (0.0007) S>CV3.1(48) Handshake
ServerHello
Version 3.1
random[32]=
4c 09 5b a7 30 87 74 c7 16 98 24 d5 af 35 17 a7
ef c3 78 0c 94 d4 94 d2 7b a6 3f 40 04 25 f6 e0
session_id[0]=
cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA
compressionMethod NULL
1 3 0.0012 (0.0000) S>CV3.1(1858) Handshake
Certificate
1 4 0.0012 (0.0000) S>CV3.1(14) Handshake
CertificateRequest
certificate_types rsa_sign
certificate_types dss_sign
certificate_types unknown value
ServerHelloDone
1 5 0.0043 (0.0031) C>SV3.1(7) Handshake
Certificate
1 6 0.0043 (0.0000) C>SV3.1(262) Handshake
ClientKeyExchange
1 7 0.0043 (0.0000) C>SV3.1(1) ChangeCipherSpec
1 8 0.0043 (0.0000) C>SV3.1(48) Handshake
1 9 0.0129 (0.0085) S>CV3.1(170) Handshake
1 10 0.0129 (0.0000) S>CV3.1(1) ChangeCipherSpec
1 11 0.0129 (0.0000) S>CV3.1(48) Handshake
1 12 0.0134 (0.0005) C>SV3.1(32) application_data
1 13 0.0134 (0.0000) C>SV3.1(496) application_data
1 14 0.2150 (0.2016) S>CV3.1(32) application_data
1 15 0.2150 (0.0000) S>CV3.1(336) application_data
1 16 12.2304 (12.0154) S>CV3.1(32) Alert
1 12.2310 (0.0005) S>C TCP FIN
1 17 12.2321 (0.0011) C>SV3.1(32) Alert
3.2. MESSAGE Transaction Over TLS
Once the TLS session is set up, the following MESSAGE request (as
defined in [RFC3428] is sent from fluffy@example.com to
kumiko@example.net. Note that the URI has a SIPS URL and that the
VIA indicates that TLS was used. In order to format this document,
the <allOneLine> convention from [RFC4475] is used to break long
lines. The actual message does not contain the linebreaks contained
within those tags.
Jennings, et al. Expires July 18, 2011 [Page 13]
Internet-Draft SIP Secure Call Flows January 2011
MESSAGE sips:kumiko@example.net:5061 SIP/2.0
<allOneLine>
Via: SIP/2.0/TLS 192.0.2.2:15001;
branch=z9hG4bK-d8754z-3bcb7c685f585679-1---d8754z-;
rport=58315
</allOneLine>
Max-Forwards: 70
To: <sips:kumiko@example.net:5061>
From: <sips:fluffy@example.com:15001>;tag=b5220b64
Call-ID: ZDQ1ZjNhMjQxZjZlYjNkZjUyYjJhMDA5MTAxYjRhMmE.
CSeq: 4308 MESSAGE
<allOneLine>
Accept: multipart/signed, text/plain, application/pkcs7-mime,
application/sdp, multipart/alternative
</allOneLine>
Content-Type: text/plain
Content-Length: 6
Hello!
When a User Agent (UA) goes to send a message to example.com, the UA
can see if it already has a TLS connection to example.com and if it
does, it may send the message over this connection. A UA should have
some scheme for reusing connections as opening a new TLS connection
for every message results in awful performance. Implementers are
encouraged to read [RFC5923] and [RFC3263].
The response is sent from example.net to example.com over the same
TLS connection. It is shown below.
SIP/2.0 200 OK
<allOneLine>
Via: SIP/2.0/TLS 192.0.2.2:15001;
branch=z9hG4bK-d8754z-3bcb7c685f585679-1---d8754z-;
rport=58315
</allOneLine>
To: <sips:kumiko@example.net:5061>;tag=35b8014f
From: <sips:fluffy@example.com:15001>;tag=b5220b64
Call-ID: ZDQ1ZjNhMjQxZjZlYjNkZjUyYjJhMDA5MTAxYjRhMmE.
CSeq: 4308 MESSAGE
Content-Length: 0
Jennings, et al. Expires July 18, 2011 [Page 14]
Internet-Draft SIP Secure Call Flows January 2011
4. Callflow with S/MIME-secured Message
4.1. MESSAGE Request with Signed Body
Below is an example of a signed message. The values on the Content-
Type line (multipart/signed) and on the Content-Disposition line have
been broken across lines to fit on the page, but they are not broken
across lines in actual implementations.
MESSAGE sip:kumiko@example.net SIP/2.0
<allOneLine>
Via: SIP/2.0/TCP 192.0.2.2:15001;
branch=z9hG4bK-d8754z-81e4f73858c3585d-1---d8754z-;
rport=58316
</allOneLine>
Max-Forwards: 70
To: <sip:kumiko@example.net>
From: <sip:fluffy@example.com>;tag=74a11610
Call-ID: MzBlOGM0NzkwOTExM2MyMGMyMzU3OWMzZGU0Y2Y1MTg.
CSeq: 8473 MESSAGE
<allOneLine>
Accept: multipart/signed, text/plain, application/pkcs7-mime,
application/sdp, multipart/alternative
</allOneLine>
<allOneLine>
Content-Type: multipart/signed;boundary=7fbf310bbfc8c71c;
micalg=sha1;protocol="application/pkcs7-signature"
</allOneLine>
Content-Length: 774
--7fbf310bbfc8c71c
Content-Type: text/plain
Content-Transfer-Encoding: binary
Hello!
--7fbf310bbfc8c71c
Content-Type: application/pkcs7-signature;name=smime.p7s
<allOneLine>
Content-Disposition: attachment;handling=required;
filename=smime.p7s
</allOneLine>
Content-Transfer-Encoding: binary
*****************
* BINARY BLOB 1 *
*****************
--7fbf310bbfc8c71c--
Jennings, et al. Expires July 18, 2011 [Page 15]
Internet-Draft SIP Secure Call Flows January 2011
It is important to note that the signature ("BINARY BLOB 1") is
computed over the MIME headers and body, but excludes the multipart
boundary lines. The value on the Message-body line ends with CRLF.
The CRLF is included in the boundary and is not part of the signature
computation. To be clear, the signature is computed over data
starting with the "C" in the "Content-Type" and ending with the "!"
in the "Hello!".
Content-Type: text/plain
Content-Transfer-Encoding: binary
Hello!
Following is the ASN.1 parsing of encrypted contents referred to
above as "BINARY BLOB 1". Note that at address 30, the hash for the
signature is specified as SHA-1. Also note that the sender's
certificate is not attached as it is optional in [RFC5652].
0 472: SEQUENCE {
4 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
15 457: [0] {
19 453: SEQUENCE {
23 1: INTEGER 1
26 11: SET {
28 9: SEQUENCE {
30 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
37 0: NULL
: }
: }
39 11: SEQUENCE {
41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: }
52 420: SET {
56 416: SEQUENCE {
60 1: INTEGER 1
63 125: SEQUENCE {
65 112: SEQUENCE {
67 11: SET {
69 9: SEQUENCE {
71 3: OBJECT IDENTIFIER countryName (2 5 4 6)
76 2: PrintableString 'US'
: }
: }
80 19: SET {
82 17: SEQUENCE {
84 3: OBJECT IDENTIFIER
: stateOrProvinceName (2 5 4 8)
89 10: PrintableString 'California'
Jennings, et al. Expires July 18, 2011 [Page 16]
Internet-Draft SIP Secure Call Flows January 2011
: }
: }
101 17: SET {
103 15: SEQUENCE {
105 3: OBJECT IDENTIFIER localityName (2 5 4 7)
110 8: PrintableString 'San Jose'
: }
: }
120 14: SET {
122 12: SEQUENCE {
124 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
129 5: PrintableString 'sipit'
: }
: }
136 41: SET {
138 39: SEQUENCE {
140 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
145 32: PrintableString 'Sipit Test Certificate Aut
hority'
: }
: }
: }
179 9: INTEGER 00 96 A3 84 17 4E EF 8A 4D
: }
190 9: SEQUENCE {
192 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
199 0: NULL
: }
201 13: SEQUENCE {
203 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
214 0: NULL
: }
216 256: OCTET STRING
: 0F 8A 9A BE F0 A8 9B 91 3D C1 4A E5 62 C1 FB 5D
: 69 70 4E 36 F8 3C C5 7A D5 06 6A 62 1E 6C 2E 17
: 0D 3C 91 B5 39 C7 81 CF 77 B7 61 3B 2E 97 76 C0
: 3A 97 15 A7 32 3B 3E 79 AB FD 97 E0 2E 41 E7 8B
: F6 20 19 E1 1B B7 73 E2 16 F8 44 01 4D 59 6E DB
: 1B 49 FA 48 7E BE 96 32 4F 92 3E 2B 36 D1 26 2B
: 37 9B 01 CD C7 39 FA A5 29 41 A5 ED BD F3 71 DB
: 82 5A 2D E9 3A D2 E6 BF 10 F3 41 AF 6A 20 82 D4
: 69 50 FB 70 DA 88 A3 C3 91 C5 10 CE 3D 80 55 AE
: 8C 99 1E 54 B6 06 3E CA 64 90 FA E2 4F A6 B0 40
: 3E A1 9D D2 E8 7C BF 40 69 6E 80 AF 73 6E 2C 7F
: DD A3 08 FF 52 F1 41 51 4D 86 34 5A 1C D6 92 3C
Jennings, et al. Expires July 18, 2011 [Page 17]
Internet-Draft SIP Secure Call Flows January 2011
: 87 C8 0A 52 32 8D AA F6 45 1B 5C A0 6A E7 64 1E
: 29 12 84 53 4B 2E 0B 72 0E 5E 5B 9A 4B 4A FE F6
: 64 3E 78 8A 5B 9C 45 C0 62 FF E6 F6 89 25 00 73
: 19 4B E0 08 D2 F5 FE 32 D2 47 EC F1 4D 74 7C 26
: }
: }
: }
: }
: }
SHA-1 parameters may be omitted entirely, instead of being set to
NULL, as mentioned in [RFC3370]. The above dump of Blob 1 has SHA-1
parameters set to NULL. Below are the same contents signed with the
same key, but omitting the NULL according to [RFC3370]. This is the
preferred encoding. This is covered in greater detail in Section 5.
0 468: SEQUENCE {
4 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
15 453: [0] {
19 449: SEQUENCE {
23 1: INTEGER 1
26 9: SET {
28 7: SEQUENCE {
30 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: }
: }
37 11: SEQUENCE {
39 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: }
50 418: SET {
54 414: SEQUENCE {
58 1: INTEGER 1
61 125: SEQUENCE {
63 112: SEQUENCE {
65 11: SET {
67 9: SEQUENCE {
69 3: OBJECT IDENTIFIER countryName (2 5 4 6)
74 2: PrintableString 'US'
: }
: }
78 19: SET {
80 17: SEQUENCE {
82 3: OBJECT IDENTIFIER
: stateOrProvinceName (2 5 4 8)
87 10: PrintableString 'California'
: }
: }
Jennings, et al. Expires July 18, 2011 [Page 18]
Internet-Draft SIP Secure Call Flows January 2011
99 17: SET {
101 15: SEQUENCE {
103 3: OBJECT IDENTIFIER localityName (2 5 4 7)
108 8: PrintableString 'San Jose'
: }
: }
118 14: SET {
120 12: SEQUENCE {
122 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
127 5: PrintableString 'sipit'
: }
: }
134 41: SET {
136 39: SEQUENCE {
138 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
143 32: PrintableString 'Sipit Test Certificate Aut
hority'
: }
: }
: }
177 9: INTEGER 00 96 A3 84 17 4E EF 8A 4D
: }
188 7: SEQUENCE {
190 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: }
197 13: SEQUENCE {
199 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
210 0: NULL
: }
212 256: OCTET STRING
: 0F 8A 9A BE F0 A8 9B 91 3D C1 4A E5 62 C1 FB 5D
: 69 70 4E 36 F8 3C C5 7A D5 06 6A 62 1E 6C 2E 17
: 0D 3C 91 B5 39 C7 81 CF 77 B7 61 3B 2E 97 76 C0
: 3A 97 15 A7 32 3B 3E 79 AB FD 97 E0 2E 41 E7 8B
: F6 20 19 E1 1B B7 73 E2 16 F8 44 01 4D 59 6E DB
: 1B 49 FA 48 7E BE 96 32 4F 92 3E 2B 36 D1 26 2B
: 37 9B 01 CD C7 39 FA A5 29 41 A5 ED BD F3 71 DB
: 82 5A 2D E9 3A D2 E6 BF 10 F3 41 AF 6A 20 82 D4
: 69 50 FB 70 DA 88 A3 C3 91 C5 10 CE 3D 80 55 AE
: 8C 99 1E 54 B6 06 3E CA 64 90 FA E2 4F A6 B0 40
: 3E A1 9D D2 E8 7C BF 40 69 6E 80 AF 73 6E 2C 7F
: DD A3 08 FF 52 F1 41 51 4D 86 34 5A 1C D6 92 3C
: 87 C8 0A 52 32 8D AA F6 45 1B 5C A0 6A E7 64 1E
: 29 12 84 53 4B 2E 0B 72 0E 5E 5B 9A 4B 4A FE F6
: 64 3E 78 8A 5B 9C 45 C0 62 FF E6 F6 89 25 00 73
Jennings, et al. Expires July 18, 2011 [Page 19]
Internet-Draft SIP Secure Call Flows January 2011
: 19 4B E0 08 D2 F5 FE 32 D2 47 EC F1 4D 74 7C 26
: }
: }
: }
: }
: }
4.2. MESSAGE Request with Encrypted Body
Below is an example of an encrypted text/plain message that says
"Hello!". The binary encrypted contents have been replaced with the
block "BINARY BLOB 2".
MESSAGE sip:kumiko@example.net SIP/2.0
<allOneLine>
Via: SIP/2.0/TCP 192.0.2.2:15001;
branch=z9hG4bK-d8754z-609333791d00044c-1---d8754z-;
rport=58318
</allOneLine>
Max-Forwards: 70
To: <sip:kumiko@example.net>
From: <sip:fluffy@example.com>;tag=625ceb5b
Call-ID: NDY4ZjJjMDllZTA4OTNlYjNhYjQ3NmE1YjIzODk5NGM.
CSeq: 3260 MESSAGE
<allOneLine>
Accept: multipart/signed, text/plain, application/pkcs7-mime,
application/sdp, multipart/alternative
</allOneLine>
<allOneLine>
Content-Disposition: attachment;handling=required;
filename=smime.p7
</allOneLine>
Content-Transfer-Encoding: binary
<allOneLine>
Content-Type: application/pkcs7-mime;smime-type=enveloped-data;
name=smime.p7m
</allOneLine>
Content-Length: 565
*****************
* BINARY BLOB 2 *
*****************
Following is the ASN.1 parsing of "BINARY BLOB 2". Note that at
address 454, the encryption is set to aes128-CBC.
0 561: SEQUENCE {
Jennings, et al. Expires July 18, 2011 [Page 20]
Internet-Draft SIP Secure Call Flows January 2011
4 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
15 546: [0] {
19 542: SEQUENCE {
23 1: INTEGER 0
26 409: SET {
30 405: SEQUENCE {
34 1: INTEGER 0
37 125: SEQUENCE {
39 112: SEQUENCE {
41 11: SET {
43 9: SEQUENCE {
45 3: OBJECT IDENTIFIER countryName (2 5 4 6)
50 2: PrintableString 'US'
: }
: }
54 19: SET {
56 17: SEQUENCE {
58 3: OBJECT IDENTIFIER
: stateOrProvinceName (2 5 4 8)
63 10: PrintableString 'California'
: }
: }
75 17: SET {
77 15: SEQUENCE {
79 3: OBJECT IDENTIFIER localityName (2 5 4 7)
84 8: PrintableString 'San Jose'
: }
: }
94 14: SET {
96 12: SEQUENCE {
98 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
103 5: PrintableString 'sipit'
: }
: }
110 41: SET {
112 39: SEQUENCE {
114 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
119 32: PrintableString 'Sipit Test Certificate Aut
hority'
: }
: }
: }
153 9: INTEGER 00 96 A3 84 17 4E EF 8A 4E
: }
164 13: SEQUENCE {
166 9: OBJECT IDENTIFIER
Jennings, et al. Expires July 18, 2011 [Page 21]
Internet-Draft SIP Secure Call Flows January 2011
: rsaEncryption (1 2 840 113549 1 1 1)
177 0: NULL
: }
179 256: OCTET STRING
: 13 04 66 18 17 D5 24 A6 2C 67 91 92 A0 1F FC B6
: 22 71 09 E7 C0 D9 B3 FB 0D C0 27 CC E4 E0 A1 FF
: FC CC AF B4 81 16 B2 D7 C3 53 78 49 59 DD DD 84
: DB BC E4 D5 E0 D9 D0 C0 E5 E1 5E 98 3C 2E 20 7B
: BC 3A 00 3B AC 88 71 91 46 F2 94 47 D0 D9 05 F6
: 1B F3 EA 79 B7 69 21 97 DD E0 64 5D A8 30 56 BE
: BF 40 97 73 58 67 65 BE F6 53 C9 C0 D2 B3 61 07
: 97 42 CB 68 37 97 E4 C3 AB 10 09 66 53 E9 72 C7
: A4 66 0C 09 06 12 E1 49 67 B9 40 D6 0B BA 52 7D
: C3 9E B7 30 51 4B 41 CB 5F AF EC A8 A0 AA 69 FF
: 30 06 8B A4 23 E5 F7 05 05 86 F5 CE AD 7B FF BA
: 5D 46 4C 2E FE 6D 7C E2 21 7A 75 37 10 7E 0D 4D
: 82 9E 44 B1 34 AB D0 59 A8 F8 14 6A BD 3D 65 3E
: 6B 37 2E F8 54 7B 47 49 2F 55 7B E8 76 2E BD 8E
: 3F 1E D9 86 95 1A 05 EC 1A 62 96 0F 56 95 9B 26
: CD E2 8A D6 81 EF 1C 92 D1 F2 81 34 83 8C 3F EF
: }
: }
439 124: SEQUENCE {
441 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
452 29: SEQUENCE {
454 9: OBJECT IDENTIFIER
: aes128-CBC (2 16 840 1 101 3 4 1 2)
465 16: OCTET STRING
: F9 4F C2 92 49 32 EB A9 E0 A5 AC AB EF 01 5D A5
: }
483 80: [0]
: 95 F0 53 3D 18 09 77 30 D2 AC 2B 1E 0A 51 E9 EB
: E4 32 8B CA 69 8D BA E5 46 63 9C 99 35 20 70 D3
: EE 7A 21 4B C3 E9 53 E5 B0 7D 26 9A 6A 5C 11 6F
: 59 72 B3 91 1E 98 95 F6 69 89 41 E6 22 5B 2F EB
: F5 9C 71 29 BB 1E 01 97 9E 96 EB 39 8A A2 C6 FC
: }
: }
: }
: }
4.3. MESSAGE Request with Encrypted and Signed Body
In the example below, some of the header values have been split
across mutliple lines. Where the lines have been broken, the
<allOneLine> convention has been used. This was only done to make it
fit in the RFC format. Specifically, the application/pkcs7-mime
Jennings, et al. Expires July 18, 2011 [Page 22]
Internet-Draft SIP Secure Call Flows January 2011
Content-Type line is one line with no whitespace between the "mime;"
and the "smime-type". The values are split across lines for
formatting, but are not split in the real message. The binary
encrypted content has been replaced with "BINARY BLOB 3", and the
binary signed content has been replaced with "BINARY BLOB 4".
Jennings, et al. Expires July 18, 2011 [Page 23]
Internet-Draft SIP Secure Call Flows January 2011
MESSAGE sip:kumiko@example.net SIP/2.0
<allOneLine>
Via: SIP/2.0/TCP 192.0.2.2:15001;
branch=z9hG4bK-d8754z-69c41c074ef38f70-1---d8754z-;
rport=58319
</allOneLine>
Max-Forwards: 70
To: <sip:kumiko@example.net>
From: <sip:fluffy@example.com>;tag=85475653
Call-ID: NmVjYjE0NzNhNjczMDEyZGM3YWM5NmRjYWQxY2JlYTI.
CSeq: 5449 MESSAGE
<allOneLine>
Accept: multipart/signed, text/plain, application/pkcs7-mime,
application/sdp, multipart/alternative
</allOneLine>
<allOneLine>
Content-Type: multipart/signed;boundary=30145b1e6548046b;
micalg=sha1;protocol="application/pkcs7-signature"
</allOneLine>
Content-Length: 1455
--30145b1e6548046b
<allOneLine>
Content-Type: application/pkcs7-mime;smime-type=enveloped-data;
name=smime.p7m
</allOneLine>
<allOneLine>
Content-Disposition: attachment;handling=required;
filename=smime.p7
</allOneLine>
Content-Transfer-Encoding: binary
*****************
* BINARY BLOB 3 *
*****************
--30145b1e6548046b
Content-Type: application/pkcs7-signature;name=smime.p7s
<allOneLine>
Content-Disposition: attachment;handling=required;
filename=smime.p7s
</allOneLine>
Content-Transfer-Encoding: binary
*****************
* BINARY BLOB 4 *
*****************
--30145b1e6548046b--
Jennings, et al. Expires July 18, 2011 [Page 24]
Internet-Draft SIP Secure Call Flows January 2011
Below is the ASN.1 parsing of "BINARY BLOB 3".
0 561: SEQUENCE {
4 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
15 546: [0] {
19 542: SEQUENCE {
23 1: INTEGER 0
26 409: SET {
30 405: SEQUENCE {
34 1: INTEGER 0
37 125: SEQUENCE {
39 112: SEQUENCE {
41 11: SET {
43 9: SEQUENCE {
45 3: OBJECT IDENTIFIER countryName (2 5 4 6)
50 2: PrintableString 'US'
: }
: }
54 19: SET {
56 17: SEQUENCE {
58 3: OBJECT IDENTIFIER
: stateOrProvinceName (2 5 4 8)
63 10: PrintableString 'California'
: }
: }
75 17: SET {
77 15: SEQUENCE {
79 3: OBJECT IDENTIFIER localityName (2 5 4 7)
84 8: PrintableString 'San Jose'
: }
: }
94 14: SET {
96 12: SEQUENCE {
98 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
103 5: PrintableString 'sipit'
: }
: }
110 41: SET {
112 39: SEQUENCE {
114 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
119 32: PrintableString 'Sipit Test Certificate Aut
hority'
: }
: }
: }
153 9: INTEGER 00 96 A3 84 17 4E EF 8A 4E
Jennings, et al. Expires July 18, 2011 [Page 25]
Internet-Draft SIP Secure Call Flows January 2011
: }
164 13: SEQUENCE {
166 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
177 0: NULL
: }
179 256: OCTET STRING
: 74 D6 C9 2B 48 63 97 2B 56 C2 76 FF 0C D1 C4 EB
: D9 F1 DE 46 F5 0E 37 81 60 F8 03 11 39 99 60 F5
: 9F 20 F8 41 53 96 C7 50 4C FF 6D 99 A0 E8 B6 B8
: AB 97 CD 6F A7 19 58 A9 D0 2C F2 C4 B9 89 29 C0
: 66 F5 FF 80 51 CC 24 75 60 A8 D4 5D B5 4C 6D 2B
: DE C5 A5 A8 A5 FA 7D 21 10 A5 E7 0C 98 67 66 48
: 07 EF DD 8F 68 2A 11 6D 46 4E B6 A1 A0 68 EE 51
: 6D 81 57 E9 27 98 75 B3 E5 08 CC A6 DA 7C 77 D4
: DC 16 78 61 C7 A6 B1 CF 96 36 C9 D8 27 AC 1F D3
: A0 AF 1F B1 65 1B C8 EF BA 9C C8 AD 4B E6 AA FC
: 53 03 8C C2 02 1F BF 20 AE 6F E7 3B 37 6D 98 A3
: 13 D1 F4 A3 F4 9A BE E0 B6 75 F5 B6 5B 86 A0 E1
: F6 8E 93 4B 49 01 62 41 87 7B 12 B1 45 83 C6 61
: 44 A5 E8 D1 CD A6 2B 17 B5 C8 25 D3 9C C2 B8 8B
: 62 16 2C F4 50 72 F6 C3 4F 2B 33 30 59 97 BF 22
: 54 36 23 4F 10 06 61 D0 B6 F8 6F 20 BF 88 08 0B
: }
: }
439 124: SEQUENCE {
441 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
452 29: SEQUENCE {
454 9: OBJECT IDENTIFIER
: aes128-CBC (2 16 840 1 101 3 4 1 2)
465 16: OCTET STRING
: 71 3B EA E0 5D FE D0 5E 6D EA AC 0B B9 6B 3A 99
: }
483 80: [0]
: 41 E7 5A B1 AC F0 A6 BC 9F 52 4F 83 D5 C5 6C 23
: 49 17 20 78 9D C9 73 CB CC 48 8A 61 EB 46 2D D4
: 4A 03 6A 4A 31 E9 F7 52 5B 01 A6 34 38 B9 67 DD
: BD 78 53 59 63 5A 45 2E 02 51 18 B0 F2 43 77 4F
: 89 4E EA 21 E7 FC FF 7C FD 82 41 26 C6 D5 35 29
: }
: }
: }
: }
Below is the ASN.1 parsing of "BINARY BLOB 4".
0 472: SEQUENCE {
Jennings, et al. Expires July 18, 2011 [Page 26]
Internet-Draft SIP Secure Call Flows January 2011
4 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
15 457: [0] {
19 453: SEQUENCE {
23 1: INTEGER 1
26 11: SET {
28 9: SEQUENCE {
30 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
37 0: NULL
: }
: }
39 11: SEQUENCE {
41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: }
52 420: SET {
56 416: SEQUENCE {
60 1: INTEGER 1
63 125: SEQUENCE {
65 112: SEQUENCE {
67 11: SET {
69 9: SEQUENCE {
71 3: OBJECT IDENTIFIER countryName (2 5 4 6)
76 2: PrintableString 'US'
: }
: }
80 19: SET {
82 17: SEQUENCE {
84 3: OBJECT IDENTIFIER
: stateOrProvinceName (2 5 4 8)
89 10: PrintableString 'California'
: }
: }
101 17: SET {
103 15: SEQUENCE {
105 3: OBJECT IDENTIFIER localityName (2 5 4 7)
110 8: PrintableString 'San Jose'
: }
: }
120 14: SET {
122 12: SEQUENCE {
124 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
129 5: PrintableString 'sipit'
: }
: }
136 41: SET {
138 39: SEQUENCE {
140 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
Jennings, et al. Expires July 18, 2011 [Page 27]
Internet-Draft SIP Secure Call Flows January 2011
145 32: PrintableString 'Sipit Test Certificate Aut
hority'
: }
: }
: }
179 9: INTEGER 00 96 A3 84 17 4E EF 8A 4D
: }
190 9: SEQUENCE {
192 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
199 0: NULL
: }
201 13: SEQUENCE {
203 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
214 0: NULL
: }
216 256: OCTET STRING
: 7E A7 3D FD 62 05 89 BD 84 04 E7 6C E1 9C 12 90
: D5 23 55 65 54 D8 57 30 60 93 14 8A F0 99 E5 B7
: 81 2B 99 14 4A B0 05 A4 DB 5A FD F2 2B E2 F3 43
: 7E 29 37 F3 08 76 95 1C 43 B0 98 E6 09 81 28 95
: FB DF FD CD AF 70 DA 07 21 67 99 11 C4 B9 D6 01
: 9A 6C CC 58 9F 2D A6 44 D3 72 D3 5C 96 3B E1 E2
: F4 90 31 66 A3 B7 66 1B FD 2E 29 58 1D 18 15 BA
: ED 26 D4 B1 A5 F8 67 F4 34 32 45 EA AB 22 AD B7
: 66 BC 3D 2A 07 1C EF 83 67 94 B3 DE A5 FA F5 51
: FD 8B C5 F0 86 06 C4 ED FB FB E1 32 F3 4B C2 41
: FC 8F FD CD 9E FF 9B 1D 09 8C E4 F9 45 0F 65 DC
: C6 83 A3 96 8E 8B 68 E4 B3 3F 33 EC 1C 06 EB 36
: 21 23 4C 47 AB 2C A1 EB 1A 37 01 78 9E 97 5D A8
: FF 7F B6 B2 33 A8 02 01 E3 C5 ED E8 28 0C 6A D9
: A0 7B EA 47 56 3E 9B 24 9C 14 71 40 8F A4 5C 6A
: 34 47 28 DE C4 6B 7C F1 05 5D 2E 31 29 4C 67 E4
: }
: }
: }
: }
: }
Jennings, et al. Expires July 18, 2011 [Page 28]
Internet-Draft SIP Secure Call Flows January 2011
5. Observed Interoperability Issues
This section describes some common interoperability problems. These
were observed by the authors at SIPit interoperability events.
Implementers should be careful to verify that their systems do not
introduce these common problems, and, when possible, make their
clients forgiving in what they receive. Implementations should take
extra care to produce reasonable error messages when interacting with
software that has these problems.
Some SIP clients incorrectly only do SSLv3 and do not support TLS.
See Section 26.2.1 of [RFC3261].
Many SIP clients were found to accept expired certificates with no
warning or error. See Section 4.1.2.5 of [RFC5280].
When used with SIP, TLS and S/MIME provide the identity of the peer
that a client is communicating with in the Subject Alternative Name
in the certificate. The software checks that this name corresponds
to the identity the server is trying to contact. Normative text
describing path validation can be found in Section 7 of [RFC5922] and
Section 6 of [RFC5280]. If a client is trying to set up a TLS
connection to good.example.com and it gets a TLS connection set up
with a server that presents a valid certificate but with the name
evil.example.com, it will typically generate an error or warning of
some type. Similarly with S/MIME, if a user is trying to communicate
with sip:fluffy@example.com, one of the items in the Subject
Alternate Name set in the certificate will need to match according to
the certificate validation rules in Section 23 of [RFC3261] and
Section 6 of [RFC5280].
Some implementations used binary MIME encodings while others used
base64. It is advisable that implementations send only binary and
are prepared to receive either. See Section 3.2 of [RFC5621].
In several places in this document, the messages contain the encoding
for the SHA-1 digest algorithm identifier. The preferred form for
encoding as set out in Section 2 of [RFC3370] is the form in which
the optional AlgorithmIdentifier parameter field is omitted.
However, [RFC3370] also says the recipients need to be able to
receive the form in which the AlgorithmIdentifier parameter field is
present and set to NULL. Examples of the form using NULL can be
found in Section 4.2 of [RFC4134]. Receivers really do need to be
able to receive the form that includes the NULL because the NULL
form, while not preferred, is what was observed as being generated by
most implementations. Implementers should also note that if the
algorithm is MD5 instead of SHA-1, then the form that omits the
AlgorithmIdentifier parameters field is not allowed and the sender
Jennings, et al. Expires July 18, 2011 [Page 29]
Internet-Draft SIP Secure Call Flows January 2011
has to use the form where the NULL is included.
The preferred encryption algorithm for S/MIME in SIP is AES as
defined in [RFC3853].
Observed S/MIME interoperability has been better when UAs did not
attach the senders' certificates. Attaching the certificates
significantly increases the size of the messages, which should be
considered when sending over UDP. Furthermore, the receiver cannot
rely on the sender to always send the certificate, so it does not
turn out to be useful in most situations.
Please note that the certificate path validation algorithm described
in Section 6 of [RFC5280] is a complex algorithm for which all of the
details matter. There are numerous ways in which failing to
precisely implement the algorithm as specified in Section 6 of
[RFC5280] can create a security flaw, a simple example of which is
the failure to check the expiration date that is already mentioned
above. It is important for developers to ensure that this validation
is performed and that the results are verified by their applications
or any libraries that they use.
Jennings, et al. Expires July 18, 2011 [Page 30]
Internet-Draft SIP Secure Call Flows January 2011
6. Additional Test Scenarios
This section provides a non-exhaustive list of tests that
implementations should perform while developing systems that use
S/MIME and TLS for SIP.
Much of the required behavior for inspecting certificates when using
S/MIME and TLS with SIP is currently underspecified. The non-
normative recommendations in this document capture the current
folklore around that required behavior, guided by both related
normative works such as [RFC4474] (particulary, Section 13.4 Domain
Names and Subordination) and informative works such as [RFC2818]
Section 3.1. To summarize, test plans should:
o For S/MIME secured bodies, assure that the peer's URI (address-of-
record, as per [RFC3261] Section 23.3) appears in the
subjectAltName of the peer's certifcate as a
uniformResourceIdentifier field.
o For TLS, assure that the peer's hostname appears as described in
[RFC5922]. Also:
* assure an exact match in a dNSName entry in the subjectAltName
if there are any dNSNames in the subjectAltName. Wildcard
matching is not allowed against these dNSName entries. See
Section 7.1 of [RFC5922].
* assure that the most specific CommonName in the Subject field
matches if there are no dNSName entries in the subjectAltName
at all (which is not the same as there being no matching
dNSName entries). This match can be either exact, or against
an entry that uses the wildcard matching character '*'
The peer's hostname is discovered from the initial DNS query in
the server location process [RFC3263].
o IP addresses can appear in subjectAltName ([RFC5280]) of the
peer's certificate, e.g. "IP:192.168.0.1". Note that if IP
addresses are used in subjectAltName, there are important
ramifications regarding the use of Record-Route headers that also
need to be considered. See Section 7.5 of [RFC5922]. Use of IP
addresses instead of domain names is inadvisable.
For each of these tests, an implementation will proceed past the
verification point only if the certificate is "good". S/MIME
protected requests presenting bad certificate data will be rejected.
S/MIME protected responses presenting bad certificate information
will be ignored. TLS connections involving bad certificate data will
Jennings, et al. Expires July 18, 2011 [Page 31]
Internet-Draft SIP Secure Call Flows January 2011
not be completed.
1. S/MIME : Good peer certificate
2. S/MIME : Bad peer certificate (peer URI does not appear in
subjAltName)
3. S/MIME : Bad peer certificate (valid authority chain does not
end at a trusted CA)
4. S/MIME : Bad peer certificate (incomplete authority chain)
5. S/MIME : Bad peer certificate (the current time does not fall
within the period of validity)
6. S/MIME : Bad peer certificate (certificate or cert in authority
chain has been revoked)
7. S/MIME : Bad peer certificate ("Digital Signature" is not
specified as an X509v3 Key Usage)
8. TLS : Good peer certificate (hostname appears in dNSName in
subjAltName)
9. TLS : Good peer certificate (no dNSNames in subjAltName,
hostname appears in CN of Subject)
10. TLS : Good peer certificate (CN of Subject empty, and
subjectAltName extension contains an iPAddress stored in the
octet string in network byte order form as specified in RFC 791
[RFC0791])
11. TLS : Bad peer certificate (no match in dNSNames or in the
Subject CN)
12. TLS : Bad peer certificate (valid authority chain does not end
at a trusted CA)
13. TLS : Bad peer certificate (incomplete authority chain)
14. TLS : Bad peer certificate (the current time does not fall
within the period of validity)
15. TLS : Bad peer certificate (certificate or cert in authority
chain has been revoked)
16. TLS : Bad peer certificate ("TLS Web Server Authentication" is
not specified as an X509v3 Key Usage)
Jennings, et al. Expires July 18, 2011 [Page 32]
Internet-Draft SIP Secure Call Flows January 2011
17. TLS : Bad peer certificate (Neither "SIP Domain" nor "Any
Extended Key Usage" specified as an X509v3 Extended Key Usage,
and X509v3 Extended Key Usage is present)
Jennings, et al. Expires July 18, 2011 [Page 33]
Internet-Draft SIP Secure Call Flows January 2011
7. IANA Considerations
No IANA actions are required.
Jennings, et al. Expires July 18, 2011 [Page 34]
Internet-Draft SIP Secure Call Flows January 2011
8. Acknowledgments
Many thanks to the developers of all the open source software used to
create these call flows. This includes the underlying crypto and TLS
software used from openssl.org, the SIP stack from
www.resiprocate.org, and the SIMPLE IMPP agent from www.sipimp.org.
The TLS flow dumps were done with SSLDump from
http://www.rtfm.com/ssldump. The book "SSL and TLS" [EKR-TLS] was a
huge help in developing the code for these flows. It's sad there is
no second edition.
Thanks to Jim Schaad, Russ Housley, Eric Rescorla, Dan Wing, Tat
Chan, and Lyndsay Campbell who all helped find and correct mistakes
in this document.
Vijay Gurbani and Alan Jeffrey contributed much of the additional
test scenario content.
Jennings, et al. Expires July 18, 2011 [Page 35]
Internet-Draft SIP Secure Call Flows January 2011
9. Security Considerations
Implementers must never use any of the certificates provided in this
document in anything but a test environment. Installing the CA root
certificates used in this document as a trusted root in operational
software would completely destroy the security of the system while
giving the user the impression that the system was operating
securely.
This document recommends some things that implementers might test or
verify to improve the security of their implementations. It is
impossible to make a comprehensive list of these, and this document
only suggests some of the most common mistakes that have been seen at
the SIPit interoperability events. Just because an implementation
does everything this document recommends does not make it secure.
This document does not show any messages to check certificate
revocation status (see Sections 3.3 and 6.3 of [RFC5280]) as that is
not part of the SIP call flow. The expectation is that revocation
status is checked regularly to protect against the possibility of
certificate compromise or repudiation. For more information on how
certificate revocation status can be checked, see [RFC2560] (Online
Certificate Status Protocol) and [RFC5055] (Server-Based Certificate
Validation Protocol).
Jennings, et al. Expires July 18, 2011 [Page 36]
Internet-Draft SIP Secure Call Flows January 2011
10. Changelog
(RFC Editor: remove this section)
-02 to -03
* Re-worded "should" and "must" so that the document doesn't
sound like it is making normative statements. Actual normative
behavior is referred to in the respective RFCs.
* Section 5: re-worded paragraphs 4 and 5 regarding
subjectAltName, and added references.
* Section 6: added references, clarified use of IP addresses, and
clarified which From/To URI is used for comparison (from
section 23.2). Added an EKU test case.
* Section 9: added text about certificate revocation checking.
* Appendix B.3: new section to present certificate chains longer
than 2 (non-root CA).
* Made examples consistently use <allOneLine> convention.
* CSeq looks more random.
* Serial numbers in certs are non-zero.
* All flows re-generated using new certs. IP addresses conform
to RFC 5737.
* Updated references.
-01 to -02
* Draft is now informational, not standards track. Normative-
sounding language and references to RFC 2119 removed.
* Add TODO: change "hello" to "Hello!" in example flows for
consistency.
* Add TODO: Fix subjectAltName DNS:com to DNS:example.com and
DNS:net to DNS:example.net.
* Add TODO: use allOneLine convention from RFC4475.
* Section 3: updated open issue regarding contact headers in
MESSAGE.
Jennings, et al. Expires July 18, 2011 [Page 37]
Internet-Draft SIP Secure Call Flows January 2011
* Section 3.2: added some text about RFC 3263 and connection
reuse and closed open issue.
* Section 5: clarified text about sender attaching certs, closed
issue.
* Section 5: clarified text about observed problems, closed
issue.
* Section 5: closed issue about clients vs. servers vs. proxies.
* Section 6: updated section text and open issue where IP address
is in subjectAltName.
* Section 6: added normative references and closed "folklore"
issue.
* Section 6: added cases about cert usage and broken chains,
updated OPEN ISSUE: we need a SIP EKU example.
* References: updated references to drafts and re-categorized
informative vs. normative.
* Section 9: added some text about revocation status and closed
issue.
* Appendix B: open issue: do we need non-root-CA certs and host
certs signed by them for help in testing cases in Section 6?
* Miscellaneous minor editorial changes.
-00 to -01
* Addition of OPEN ISSUES.
* Numerous minor edits from mailing list feedback.
to -00
* Changed RFC 3369 references to RFC 3852.
* Changed draft-ietf-sip-identity references to RFC 4474.
* Added an ASN.1 dump of CMS signed content where SHA-1
parameters are omitted instead of being set to ASN.1 NULL.
* Accept headers added to messages.
Jennings, et al. Expires July 18, 2011 [Page 38]
Internet-Draft SIP Secure Call Flows January 2011
* User and domain certificates are generated with EKU as
specified in Draft SIP EKU.
* Message content that is shown is computed using certificates
generated with EKU.
* Message dump archive returned.
* Message archive contains messages formed with and without EKU
certificates.
prior to -00
* Incorporated the Test cases from Vijay Gurbani's and Alan
Jeffrey's Use of TLS in SIP draft
* Began to capture the folklore around where identities are
carried in certificates for use with SIP
* Removed the message dump archive pending verification (will
return in -02)
Jennings, et al. Expires July 18, 2011 [Page 39]
Internet-Draft SIP Secure Call Flows January 2011
11. References
11.1. Normative References
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981.
[RFC2560] Myers, M., Ankney, R., Malpani, A., Galperin, S., and C.
Adams, "X.509 Internet Public Key Infrastructure Online
Certificate Status Protocol - OCSP", RFC 2560, June 1999.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC3263] Rosenberg, J. and H. Schulzrinne, "Session Initiation
Protocol (SIP): Locating SIP Servers", RFC 3263,
June 2002.
[RFC3370] Housley, R., "Cryptographic Message Syntax (CMS)
Algorithms", RFC 3370, August 2002.
[RFC3428] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C.,
and D. Gurle, "Session Initiation Protocol (SIP) Extension
for Instant Messaging", RFC 3428, December 2002.
[RFC3853] Peterson, J., "S/MIME Advanced Encryption Standard (AES)
Requirement for the Session Initiation Protocol (SIP)",
RFC 3853, July 2004.
[RFC4474] Peterson, J. and C. Jennings, "Enhancements for
Authenticated Identity Management in the Session
Initiation Protocol (SIP)", RFC 4474, August 2006.
[RFC5055] Freeman, T., Housley, R., Malpani, A., Cooper, D., and W.
Polk, "Server-Based Certificate Validation Protocol
(SCVP)", RFC 5055, December 2007.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, May 2008.
[RFC5621] Camarillo, G., "Message Body Handling in the Session
Jennings, et al. Expires July 18, 2011 [Page 40]
Internet-Draft SIP Secure Call Flows January 2011
Initiation Protocol (SIP)", RFC 5621, September 2009.
[RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70,
RFC 5652, September 2009.
[RFC5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
Mail Extensions (S/MIME) Version 3.2 Message
Specification", RFC 5751, January 2010.
[RFC5922] Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain
Certificates in the Session Initiation Protocol (SIP)",
RFC 5922, June 2010.
[RFC5923] Gurbani, V., Mahy, R., and B. Tate, "Connection Reuse in
the Session Initiation Protocol (SIP)", RFC 5923,
June 2010.
[RFC5924] Lawrence, S. and V. Gurbani, "Extended Key Usage (EKU) for
Session Initiation Protocol (SIP) X.509 Certificates",
RFC 5924, June 2010.
[X.509] International Telecommunications Union, "Information
technology - Open Systems Interconnection - The Directory:
Public-key and attribute certificate frameworks", ITU-
T Recommendation X.509 (2005), ISO/IEC 9594-8:2005.
[X.683] International Telecommunications Union, "Information
technology - Abstract Syntax Notation One (ASN.1):
Parameterization of ASN.1 specifications", ITU-
T Recommendation X.683 (2002), ISO/IEC 8824-4:2002, 2002.
11.2. Informative References
[EKR-TLS] Rescorla, E., "SSL and TLS - Designing and Building Secure
Systems", 2001.
[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.
[RFC4134] Hoffman, P., "Examples of S/MIME Messages", RFC 4134,
July 2005.
[RFC4475] Sparks, R., Hawrylyshen, A., Johnston, A., Rosenberg, J.,
and H. Schulzrinne, "Session Initiation Protocol (SIP)
Torture Test Messages", RFC 4475, May 2006.
[RFC4514] Zeilenga, K., "Lightweight Directory Access Protocol
(LDAP): String Representation of Distinguished Names",
RFC 4514, June 2006.
Jennings, et al. Expires July 18, 2011 [Page 41]
Internet-Draft SIP Secure Call Flows January 2011
[ssldump-manpage]
Rescorla, E., "SSLDump manpage".
Jennings, et al. Expires July 18, 2011 [Page 42]
Internet-Draft SIP Secure Call Flows January 2011
Appendix A. Making Test Certificates
These scripts allow you to make certificates for test purposes. The
certificates will all share a common CA root so that everyone running
these scripts can have interoperable certificates. WARNING - these
certificates are totally insecure and are for test purposes only.
All the CA created by this script share the same private key to
facilitate interoperability testing, but this totally breaks the
security since the private key of the CA is well known.
The instructions assume a Unix-like environment with openssl
installed, but openssl does work in Windows too. OpenSSL version
0.9.8j was used to generate the certificates used in this document.
Make sure you have openssl installed by trying to run "openssl". Run
the makeCA script found in Appendix A.1; this creates a subdirectory
called demoCA. If the makeCA script cannot find where your openssl
is installed you will have to set an environment variable called
OPENSSLDIR to whatever directory contains the file openssl.cnf. You
can find this with a "locate openssl.cnf". You are now ready to make
certificates.
To create certs for use with TLS, run the makeCert script found in
Appendix A.2 with the fully qualified domain name of the proxy you
are making the certificate for. For example, "makeCert
host.example.net". This will generate a private key and a
certificate. The private key will be left in a file named
domain_key_example.net.pem in pem format. The certificate will be in
domain_cert_example.net.pem. Some programs expect both the
certificate and private key combined together in a PKCS12 format
file. This is created by the script and left in a file named
example.net.p12. Some programs expect this file to have a .pfx
extension instead of .p12 - just rename the file if needed. A file
with a certificate signing request, called example.net.csr, is also
created and can be used to get the certificate signed by another CA.
A second argument indicating the number of days for which the
certificate should be valid can be passed to the makeCert script. It
is possible to make an expired certificate using the command
"makeCert host.example.net 0".
Anywhere that a password is used to protect a certificate, the
password is set to the string "password".
The root certificate for the CA is in the file
root_cert_fluffyCA.pem.
For things that need DER format certificates, a certificate can be
converted from PEM to DER with "openssl x509 -in cert.pem -inform PEM
Jennings, et al. Expires July 18, 2011 [Page 43]
Internet-Draft SIP Secure Call Flows January 2011
-out cert.der -outform DER".
Some programs expect certificates in PKCS#7 format (with a file
extension of .p7c). You can convert these from PEM format to PKCS#7
with "openssl crl2pkcs7 -nocrl -certfile cert.pem -certfile demoCA/
cacert.pem -outform DER -out cert.p7c"
IE (version 8), Outlook Express (version 6), and Firefox (version
3.5) can import and export .p12 files and .p7c files. You can
convert a pkcs7 certificate to PEM format with "openssl pkcs7 -in
cert.p7c -inform DER -outform PEM -out cert.pem".
The private key can be converted to pkcs8 format with "openssl pkcs8
-in a_key.pem -topk8 -outform DER -out a_key.p8c"
In general, a TLS client will just need the root certificate of the
CA. A TLS server will need its private key and its certificate.
These could be in two PEM files, a single file with both certificate
and private key PEM sections, or a single .p12 file. An S/MIME
program will need its private key and certificate, the root
certificate of the CA, and the certificate for every other user it
communicates with.
A.1. makeCA script
#!/bin/sh
set -x
rm -rf demoCA
mkdir demoCA
mkdir demoCA/certs
mkdir demoCA/crl
mkdir demoCA/newcerts
mkdir demoCA/private
# This is done to generate the exact serial number used for the RFC
echo "4902110184015C" > demoCA/serial
touch demoCA/index.txt
# You may need to modify this for where your default file is
# you can find where yours in by typing "openssl ca"
for D in /etc/ssl /usr/local/ssl /sw/etc/ssl /sw/share/ssl; do
CONF=${OPENSSLDIR:=$D}/openssl.cnf
[ -f ${CONF} ] && break
done
CONF=${OPENSSLDIR}/openssl.cnf
Jennings, et al. Expires July 18, 2011 [Page 44]
Internet-Draft SIP Secure Call Flows January 2011
if [ ! -f $CONF ]; then
echo "Can not find file $CONF - set your OPENSSLDIR variable"
exit
fi
cp $CONF openssl.cnf
cat >> openssl.cnf <<EOF
[ sipdomain_cert ]
subjectAltName=\${ENV::ALTNAME}
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
keyUsage = nonRepudiation,digitalSignature,keyEncipherment
extendedKeyUsage=serverAuth,1.3.6.1.5.5.7.3.20
[ sipdomain_req ]
basicConstraints = CA:FALSE
subjectAltName=\${ENV::ALTNAME}
subjectKeyIdentifier=hash
[ sipuser_cert ]
subjectAltName=\${ENV::ALTNAME}
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
keyUsage = nonRepudiation,digitalSignature,keyEncipherment
extendedKeyUsage=emailProtection,1.3.6.1.5.5.7.3.20
[ sipuser_req ]
basicConstraints = CA:FALSE
subjectAltName=\${ENV::ALTNAME}
subjectKeyIdentifier=hash
[ sipdomain_noeku_cert ]
subjectAltName=\${ENV::ALTNAME}
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
keyUsage = nonRepudiation,digitalSignature,keyEncipherment
[ sipdomain_noeku_req ]
basicConstraints = CA:FALSE
subjectAltName=\${ENV::ALTNAME}
subjectKeyIdentifier=hash
[ sipuser_noeku_cert ]
subjectAltName=\${ENV::ALTNAME}
basicConstraints=CA:FALSE
Jennings, et al. Expires July 18, 2011 [Page 45]
Internet-Draft SIP Secure Call Flows January 2011
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
keyUsage = nonRepudiation,digitalSignature,keyEncipherment
[ sipuser_noeku_req ]
basicConstraints = CA:FALSE
subjectAltName=\${ENV::ALTNAME}
subjectKeyIdentifier=hash
EOF
cat > demoCA/private/cakey.pem <<EOF
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIiJYqQKtuiS0CAggA
MBQGCCqGSIb3DQMHBAiNK9djStGRcgSCBMhyfVjcNeZk9J4Mi/aWvy//9v/Htx9q
V0F6S2qdXhuSHzcJPAAoCKAvXuySszn1GSdeMcRy927nFoAf2EROawpJ5bVMe5YQ
/lkmfo/+whlsizpX9yF84NeJ71vCOXIvvhUhD9vTUzhdmV/pM3Mtb/W4f35iEgoO
y8EnSO3zs4+b2A07eoPspudj7exYgB7BFkUCnPaPF92O8GAFkcCnNRm43Dy+T22p
m1inp5QLi5ODTbIKy+5Uaki7OP9bRmrxotDOWbXlHulYH9NOMQN1BbozJ3/PJe3U
Zn2g3KHYlEUlPoYV/GLBI064dYirMCG1uKTZpCGunGOQjj5EWzWbDYIUpAnxDboN
yKBpnMQxjsBz8/lP36HcPuVw2prTbTOCyaVjOip7p11Oq2XPHkqhWHJ6ZMypDG/3
Y/qbkROZAB3FemkfPBwjisJMQSlVIUW/PoU9Jtl2sOQ45KB3ZLEzUuOM94hc1Zmd
6VP1Iaj8irQ5Jsn8MrmIXy3566It/MX/hl395I2T0misVxoqpY5KpRsVGoj0D4bx
fcitKQrReWOU1+rNGCpHoRNj+1Iv3cTn2QiBMHGB7QI17qKlTmITCRa7SdpdWvE7
ZCM1IaNuK5PgiVQymuodvWygA4oX/mmcWKRBze6rl5sUGHzHKijdp+276ochDrzZ
goyB5zqK3epF4NWeKYkm/pOOa8htzQ2rl8Fyly0jE4Diw9XciPe5KW5qjr1tOJfF
ryborU1L1pLKvgt0nsKuXIDdqmD6xhCkssE6fcC+svS/91Q5cZB8Aiu9lmB6DRuy
gtUDjafgeLXuZviyh9GyMtlVRKL61zzlpAkav84p27q1XmpmMkN7V5fbDQE+xl7k
RLXKw5lWTgj/435YM4anAPJaF/cl8EdxgK2r6sy5FBqE2uM6d2N9ghbnAPF1HlSa
wg7s+vm54MHTdIj3LWYq3hnuVU0dn5/IJvKBbadj9DdXUAio2d3GrNVkUZLNSQtm
cCGVEIvzSO2DcDZhmBM0Ub6uWPmxfXShNWJ5L7ZrW41o19ejEUcVnP7arEIdvxsZ
fBqSXMZXw2WW+nU18qlXexkI77A4sLZIOHjRKzsS2QpV6OTzMfP/EHLluLYK+C3t
8cds9cBfd2PNyv9PlZySjSBCOCkzN7udmcldyeyflBmbNoBvbu1ti7fv3/ZQWelX
K45EW+FbnSCUfrmeanrWFSs2wgxHeB0IqKvWAqraY0qYFMfiPp8d4lgK5wJqM5bk
1HRlwnUIEnXRTEe8MPW9/HNgyPeu7LlSe5D/zCjSs2qlfIsfjAi0tekITYHD19oy
vpjIkHGQeXq9N3NucuDAQ9RlZWvw9RKLkzzzY7VFT+3Zx5FaDgSM9+igGlPbAE/8
p3h+MW18StyG9DsQ0DTurhL/fhFYtjiSCksAsmjjX4lVwWaLGEk949vKISCdAlab
BS7YUMBHrsvywTDdwygENzNlDQ1OK5d2zTjcdpSe8z+yrWj3dKLVCO9QPSkuECo6
Izm6JmZXCjn4+PhPmChZGIoB8E3cTyuLd64AzyhSAY0J0myNYVE9Po90yPp+J/86
D6dpNldxJTWm5/myrbdT2dvc2glV0XUIdMKMc16aaD7AX56fCfYt7sWyAZ6nAgwm
t4U=
-----END ENCRYPTED PRIVATE KEY-----
EOF
cat > demoCA/cacert.pem <<EOF
-----BEGIN CERTIFICATE-----
MIIEOzCCAyOgAwIBAgIJAJajhBdO74pMMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
Jennings, et al. Expires July 18, 2011 [Page 46]
Internet-Draft SIP Secure Call Flows January 2011
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyMzYyOVoYDzIxMTAxMTEyMjIzNjI5WjBwMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmlj
YXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOzA
rew7DXtqlSSW3DPCHfazDa/tX3OctV/cOiGVIIHBKWOgNIbt8UyKZpA3lasPjLLa
VanKyq5QEOs0KNfYmFsU7PzEVdTGY1ru6OxBCNO+KJ6xiU3Sa1f2qnfJCPz5JaCj
48y/8MDymVnl788KOtc4vGv5bP9uoNCyYk+YcvDwHR1AhFAFm24VPEm2nVgFoQ3P
ke7tKA8P4Q9xiqZufCqtrq7EjY4qLoqirGeFLqqCDks4senyhCMMmOBXuDhw9Imp
lMuaXhVSukUKgJ8zgs/i8uuP+WE8iut0sXyH+QwvIM4NvmmP0bxdxYrlGgtdcGXI
AvNGhSXTiIzdgFXZaZsCAwEAAaOB1TCB0jAdBgNVHQ4EFgQUuzeOR8daNNt62fh2
tnWO0OQTF0UwgaIGA1UdIwSBmjCBl4AUuzeOR8daNNt62fh2tnWO0OQTF0WhdKRy
MHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhT
YW4gSm9zZTEOMAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2Vy
dGlmaWNhdGUgQXV0aG9yaXR5ggkAlqOEF07vikwwDAYDVR0TBAUwAwEB/zANBgkq
hkiG9w0BAQUFAAOCAQEAsXXUVqtwFKDuZ6PsBwwdiyxf1xzz4wG6PZ3aR0kx1YH1
LdJmpSwf28MtijJq7CKLsVhjVyOINJ9s34x7c4wqfNMjApdUdvM0JX/RrSWHF1Yw
YUP0FmN3D3unsAuXGwXyXIYsqdU7y3OSojzcfhIwhp74V2yipChR5PfwzimcgjTy
AjxDYjaURMGttHn3bvnivfkVzOjesJ2cLxgwqes/1FbJYY14svtO5SIdAMTPzpz+
1vFPAZ2SWOB4KstpNhisG1MNhrGRNIveBV0iGCpn5erydwHWnGAXBoSDb7aIfs7I
Y9QwbZBy/ln0MgTmr9S+mUTI3j0BiNeKNTDCLXfpcA==
-----END CERTIFICATE-----
EOF
# uncomment the following lines to generate your own key pair
# openssl req -newkey rsa:2048 -passin pass:password \
# -passout pass:password -set_serial 0x96a384174eef8a4c \
# -sha1 -x509 -keyout demoCA/private/cakey.pem \
# -out demoCA/cacert.pem -days 36500 -config ${CONF} <<EOF
# US
# California
# San Jose
# sipit
# Sipit Test Certificate Authority
#
#
# EOF
# either randomly generate a serial number, or set it manually
# hexdump -n 4 -e '4/1 "%04u"' /dev/random > demoCA/serial
echo 96a384174eef8a4d > demoCA/serial
Jennings, et al. Expires July 18, 2011 [Page 47]
Internet-Draft SIP Secure Call Flows January 2011
openssl crl2pkcs7 -nocrl -certfile demoCA/cacert.pem \
-outform DER -out demoCA/cacert.p7c
cp demoCA/cacert.pem root_cert_fluffyCA.pem
A.2. makeCert script
#!/bin/sh
set -x
# Make a symbolic link to this file called "makeUserCert"
# if you wish to use it to make certs for users.
# ExecName=$(basename $0)
#
# if [ ${ExecName} == "makeUserCert" ]; then
# ExtPrefix="sipuser"
# elif [ ${ExecName} == "makeEkuUserCert" ]; then
# ExtPrefix="sipuser_eku"
# elif [ ${ExecName} == "makeEkuCert" ]; then
# ExtPrefix="sipdomain_eku"
# else
# ExtPrefix="sipdomain"
# fi
if [ $# == 3 ]; then
DAYS=36500
elif [ $# == 4 ]; then
DAYS=$4
else
echo "Usage: makeCert test.example.org user|domain eku|noeku [days]"
echo " makeCert alice@example.org [days]"
echo "days is how long the certificate is valid"
echo "days set to 0 generates an invalid certificate"
exit 0
fi
ExtPrefix="sip"${2}
if [ $3 == "noeku" ]; then
ExtPrefix=${ExtPrefix}"_noeku"
fi
Jennings, et al. Expires July 18, 2011 [Page 48]
Internet-Draft SIP Secure Call Flows January 2011
DOMAIN=`echo $1 | perl -ne '{print "$1\n" if (/(\w+\..*)$/)}' `
ADDR=$1
echo "making cert for $DOMAIN ${ADDR}"
rm -f ${ADDR}_*.pem
rm -f ${ADDR}.p12
case ${ADDR} in
*:*) ALTNAME="URI:${ADDR}" ;;
*@*) ALTNAME="URI:sip:${ADDR},URI:im:${ADDR},URI:pres:${ADDR}" ;;
*) ALTNAME="DNS:${DOMAIN},URI:sip:${ADDR}" ;;
esac
rm -f demoCA/index.txt
touch demoCA/index.txt
rm -f demoCA/newcerts/*
export ALTNAME
openssl genrsa -out ${ADDR}_key.pem 2048
openssl req -new -config openssl.cnf -reqexts ${ExtPrefix}_req \
-sha1 -key ${ADDR}_key.pem \
-out ${ADDR}.csr -days ${DAYS} <<EOF
US
California
San Jose
sipit
${ADDR}
EOF
if [ $DAYS == 0 ]; then
openssl ca -extensions ${ExtPrefix}_cert -config openssl.cnf \
-passin pass:password -policy policy_anything \
-md sha1 -batch -notext -out ${ADDR}_cert.pem \
-startdate 990101000000Z \
-enddate 000101000000Z \
-infiles ${ADDR}.csr
else
openssl ca -extensions ${ExtPrefix}_cert -config openssl.cnf \
-passin pass:password -policy policy_anything \
-md sha1 -days ${DAYS} -batch -notext -out ${ADDR}_cert.pem \
-infiles ${ADDR}.csr
fi
Jennings, et al. Expires July 18, 2011 [Page 49]
Internet-Draft SIP Secure Call Flows January 2011
openssl pkcs12 -passin pass:password \
-passout pass:password -export \
-out ${ADDR}.p12 -in ${ADDR}_cert.pem \
-inkey ${ADDR}_key.pem -name ${ADDR} -certfile demoCA/cacert.pem
openssl x509 -in ${ADDR}_cert.pem -noout -text
case ${ADDR} in
*@*) mv ${ADDR}_key.pem user_key_${ADDR}.pem; \
mv ${ADDR}_cert.pem user_cert_${ADDR}.pem ;;
*) mv ${ADDR}_key.pem domain_key_${ADDR}.pem; \
mv ${ADDR}_cert.pem domain_cert_${ADDR}.pem ;;
esac
Jennings, et al. Expires July 18, 2011 [Page 50]
Internet-Draft SIP Secure Call Flows January 2011
Appendix B. Certificates for Testing
This section contains various certificates used for testing in PEM
format.
B.1. Certificates Using EKU
These certificates make use of the EKU specification described in
[RFC5924].
Fluffy's user certificate for example.com:
-----BEGIN CERTIFICATE-----
MIIEqzCCA5OgAwIBAgIJAJajhBdO74pNMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM0OVoYDzIxMTAxMTEyMjI0MzQ5WjBiMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRswGQYDVQQDFBJmbHVmZnlAZXhhbXBsZS5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGqf+y4GMYegW5mjHAM7vU
Bduk3zJoQX7lbBPN8hjTm/p/RZJmEKPyTc5A3R7fE0O22fLLRKCFEVHSsPef0j6v
zX3Lq8DwANB+4EXVkUV6JXPWCIDmynNh4QTTEfVvEACpXaes2tl1khQHvYEmeZBL
marYVOU0ak9h5egiR5bx4lzlowlDInulRtiP38QY7XUXAGhulRboyhVMJfYsM4YO
eg+dmqXjjD7/xTIIJbtSCCCLlUbJUtp6FUbri46iIrjn76DlwlmDyIv3Mw73gLcR
J6w+LDeiZywiO1WQpv/A32PRIOxsfGEutdAo1wntM6YinQDeIbt8U9GfryAj9N1R
AgMBAAGjggFSMIIBTjBRBgNVHREESjBIhhZzaXA6Zmx1ZmZ5QGV4YW1wbGUuY29t
hhVpbTpmbHVmZnlAZXhhbXBsZS5jb22GF3ByZXM6Zmx1ZmZ5QGV4YW1wbGUuY29t
MAkGA1UdEwQCMAAwHQYDVR0OBBYEFBPBLyiv61N/HU1mJx7X95lWMcigMIGiBgNV
HSMEgZowgZeAFLs3jkfHWjTbetn4drZ1jtDkExdFoXSkcjBwMQswCQYDVQQGEwJV
UzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNV
BAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhv
cml0eYIJAJajhBdO74pMMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
BAYIKwYBBQUHAxQwDQYJKoZIhvcNAQEFBQADggEBAF3W+SNF2npRi8b+S4mZgTfv
JwOq4O2N7NC/bkwMY2q7276dbfjQ2X2JeOMfxjvbrh729FYA3fMOK/hwkfHs+AIG
wfOQkrMljVQiuAdLoe5cXBesYjcoX3ACtYAJlELP5vBw29/RlOF91XBBGku1c+xM
eHG9m9Rj11cw/OvSu32cTrnC6rabRkdG0I2OUfnd7Yh1LRg7eUvO9nZ79S9xS6Qd
Bvg3XtmKQlx2o5U28JvuWlViEiqUTv43iy5FWiEcR/3eLwE+d7kkpmZElTI3LE2Q
k7tqsx1bnAw71nDTejlGSCu6XW7YO4PLz2dbDC0uTP8SHt9ydbPPnYPO6fT0PAI=
-----END CERTIFICATE-----
Fluffy's private key for user certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 51]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAxqn/suBjGHoFuZoxwDO71AXbpN8yaEF+5WwTzfIY05v6f0WS
ZhCj8k3OQN0e3xNDttnyy0SghRFR0rD3n9I+r819y6vA8ADQfuBF1ZFFeiVz1giA
5spzYeEE0xH1bxAAqV2nrNrZdZIUB72BJnmQS5mq2FTlNGpPYeXoIkeW8eJc5aMJ
QyJ7pUbYj9/EGO11FwBobpUW6MoVTCX2LDOGDnoPnZql44w+/8UyCCW7Ugggi5VG
yVLaehVG64uOoiK45++g5cJZg8iL9zMO94C3ESesPiw3omcsIjtVkKb/wN9j0SDs
bHxhLrXQKNcJ7TOmIp0A3iG7fFPRn68gI/TdUQIDAQABAoIBAEwk1lOaO4EjK9SS
rCTt7zz5rdEIl0psaBXJEeIqu6dHroBfixhBooT5m2czGWUI/jg0WyHbwOaf18u4
doC0VcCOM3v/7ahPt5oZncqYrpd9iWNsyPMsf4LxeybnSDn0WTyRH/ZZv2WXwsOg
t8Kmb076rAfUqjEn2hs8wnd5FvrISfWG2yYuht06+Tu/0OEk/DJpP9AsEcoHbWpy
tsHaPfqGiD2HEViOTXqBQ2GGJE6p/WpJvqQXDJTRkkXjuQCuNiah+p3DsUbtKkYe
YdAWhC4T/Lmq9QQiWEiEjRcFYQ45LU0jGbtqOIPOlPpq+cxlXHUVwgE6XDSC090B
YgyEL8ECgYEA8HsDj/aj28rBbiMduhAOLgVaiPrR4d9Lp5N22S2R1OXqS65cDGnU
zMjRlSBak/aLwxcFv/lGpHwoJxr13GHTid2/7h7/R8pN+USjtvC8qVAOPYujAsX6
gcl53WGo8mSciIEN5L6TpwMknP3F/FYANalyuUpkKr6dIGbVCrrbGskCgYEA03wi
QRpA/vvB21GbeneyIDcGmRX7TTCd5TfH4GFOPFNZtkw35RHOyMh6f5jN4Gf828lC
rvqhgmYaI58n9Jf8CHoOlWrXgLQadxszD4T2s+PPUmjLKKkwLLe2JpWtUxrUVbg0
9XOid8MdFybeQapUJ9BKPTufBGAAqIUvAj3LakkCgYBjWi9Klxdzgv0PR6rMaD2z
fbq9xQJZUyuqfB4p883AK4z034BgEIk+YelUtx007DMp0qUpfw9UfYcJQPY6qp/+
4YKeGmhVfJtiVJ1ew27udIitnLcoOisY2+hhMivemPqi2s6mpqXR5laGFcJqUg2c
Hfmr27QuhLnd3R4/ZJuJIQKBgAg0xeN+0EzUmgYXmY/b+yZy3CeuiazKGSZezruv
Kuj+VvnS5UxXL43s8Yvn8v0lK9OfcJ33jbLQoW0GbPd5ukbd7Zjwp2IQGwLKJGYS
w7vhOBc7h76RKhRiIIhIwIv7+4dD+ZIYpZI+GO/gCznDETbmRysvGBGEZCIl4NgW
a8E5AoGBAIzBmJ4ILr6D5ap2hXPX97FGjatcs8jl7UHOOBIKEiPJBKIwsw/n/07W
+JWtSwMAUKepSVMBJZRSugfmryO3O4dgIy4eGIIGtkzzVW/CJ+/P6f8uBOrpBr0z
woMp543+fuBjpu5B1YLP/9EmZuQf+98BCkk6uUmYekIuVNS4sbUl
-----END RSA PRIVATE KEY-----
Kumiko's user certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 52]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEqzCCA5OgAwIBAgIJAJajhBdO74pOMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM0OVoYDzIxMTAxMTEyMjI0MzQ5WjBiMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRswGQYDVQQDFBJrdW1pa29AZXhhbXBsZS5uZXQw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkdtivi2PlG4flNHykpe5V
BNZiM+syZv0FInCzH0E1eWYfD34esCKXZaalQJqLzxPudFZ18uwdJ8+H7ToHQM2O
nsdfY6rBh1/51ee2Au9L2qxy2kHoRPXARmWWh4Wa1oSzBWBmWJIuof9NQbkoVnER
ikFRzDiaMvG1uh4gOTpXhxch18BCUgopUkksYheHHDDcV0CcZXmH49mo+VbOs55S
S4kWkamP3R35hOWGIBYhRa7/XnBU8Xq+7Qg4SYjy41ZTSE3l8oaayfqf8SHWOQO+
hFlHm6BlYOEnGMX4Fjn+XWllJ3GinsGmrXXJvDj8Y4ux5SxYQvzAxssF0ZeMFDPt
AgMBAAGjggFSMIIBTjBRBgNVHREESjBIhhZzaXA6a3VtaWtvQGV4YW1wbGUubmV0
hhVpbTprdW1pa29AZXhhbXBsZS5uZXSGF3ByZXM6a3VtaWtvQGV4YW1wbGUubmV0
MAkGA1UdEwQCMAAwHQYDVR0OBBYEFKSdwO/x+f3jTWmnSXlr2GWtXYgkMIGiBgNV
HSMEgZowgZeAFLs3jkfHWjTbetn4drZ1jtDkExdFoXSkcjBwMQswCQYDVQQGEwJV
UzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNV
BAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhv
cml0eYIJAJajhBdO74pMMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
BAYIKwYBBQUHAxQwDQYJKoZIhvcNAQEFBQADggEBAJFQco7QyfgyrK8+fUpsI5PH
zgey97huhCIN07H0XI7wUbGgXpBwv/IU5MT5rCk4nRpQUcCzGcKumeSqAkjdmHjP
FgyTBTlpx3+21vr9+980sw7HBNWV3tC8wzg1M8HJe8Fg9O1ESESwy0dLFcspAcRh
QNnA9C90ukcZjyObl44blQ9z9eUGlFePwirXF/g3zAf1CLiww6a6T4i0mqxFdQ4q
Kwy0iNpfU1MdRfOIr9Pv9dOLcaoijEFH9kugRBhNSVoVK2mzctJB1+XPDQqO2uwa
3FARkYFFxdNi+TktvaXxxO1S6bq1hurStsYOfHrgunPiLdRsF+JO44xYAxHPrwU=
-----END CERTIFICATE-----
Kumiko's private key for user certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 53]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEApHbYr4tj5RuH5TR8pKXuVQTWYjPrMmb9BSJwsx9BNXlmHw9+
HrAil2WmpUCai88T7nRWdfLsHSfPh+06B0DNjp7HX2OqwYdf+dXntgLvS9qsctpB
6ET1wEZlloeFmtaEswVgZliSLqH/TUG5KFZxEYpBUcw4mjLxtboeIDk6V4cXIdfA
QlIKKVJJLGIXhxww3FdAnGV5h+PZqPlWzrOeUkuJFpGpj90d+YTlhiAWIUWu/15w
VPF6vu0IOEmI8uNWU0hN5fKGmsn6n/Eh1jkDvoRZR5ugZWDhJxjF+BY5/l1pZSdx
op7Bpq11ybw4/GOLseUsWEL8wMbLBdGXjBQz7QIDAQABAoIBAQCUD0pT/zEXeQmG
lxH/SEKf15MJJaR/46e1j6PWHjUeZwRAwjnQdtEtax3zd42qf+p5qdKMrP1T4hs7
S54KGZT06Iykm52GTNFioefQPCQiLeNCIqti53I2fynFsovdMXKVmCmI+gPgZ4bn
jluarPdtywGzGh968pIYAE5OxDZ5xHrdP8VfgcClx31qxHSMtr3EMWiYBOfb2P77
sQW1mox7JzNjdpw2KNjMg+gBPW7J0dslG084MtDR5qMzLXtSsxYQsJjwjySXLrB4
d2o6ZpH7UTzvkxu6zzGfeX+wmDES7Gio/AuNrWMuTR+cZcs76g10nkHkPPPRj32v
/e6YRIsBAoGBAM98U6ln2C15SjjMuEn8x/xR000BPVBH650fQoJwuORqORWFqFTH
3aQZTHupmLojabBvlCx9vlpdbC9OfKW9Le+pW1F8T9o2MyEs4U82DmkLuNNd6x5U
7TRPMieQfTzbDdEMynR1Gf5D1wl95ZcuaGbSfIoJ64c/Eyh0G5WSMJdpAoGBAMrr
WEWCYZAmZfr7O9ay/zhG+EAR86SCKVdrV12okvagp18k2EEdFuk+Mx4h7cs/FIS6
P9mbasPjU/o6kmeQuuHW/M66D/5R+C7YJKxC24L7ZfSAVrqVjyXR6rfoqCaSBJoX
kgsxpS4tsUF0iC9RRehOZrJVAuaR1A8mb4OZGUvlAoGAEiQKpIshyYgLR0AO9NkX
GyaEVP1AwR4oqYosJH96iu4Go60V9KOs60YS+9TuN4gVG4oF6IXt+LSmWtR/7XXG
6GdkRpGZ4bhPbB0ibeyKAgE2XbSec/505tftyKvHZ2S3pol5wgjjBuojiP7q7fbu
xd6taNxJLYAESsssBj3L5dECgYBLwMQ5Xs0xVURpB/V012n0BnqS4KDGX1kzq3z4
GACVVbBmEokw9b0h4fiPXTc60xfD3QwNHroi2vD0z3zscNlziiDixA9IcC1ov4Qh
UuxD37pWJrs5+K9x/QXVFmP/0i8pn3cD+sqhjKlJuElG8N5aNTqdhKMKlJJH/Z9P
z43kCQKBgEpEVv4D7MDLxXMoEaPckayeGGSswbPgeb/u5Wy1PsqiaP992KrP62hq
K5uTFjRHJMuGKJfMFM/2HETJfllXSHWIMgnFz9ZRqcZ4AbLSreK2muzIKsHnusKg
DEMZo+gSRZbZrINJnxFhCgF0ttpVZ56LC2ftMmFzARzuP7e1Wu05
-----END RSA PRIVATE KEY-----
Domain certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 54]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEejCCA2KgAwIBAgIJAJajhBdO74pPMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1MFoYDzIxMTAxMTEyMjI0MzUwWjBbMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0mJZ3y+ADOOo7lEfhqOw7KC3ysdMta
ecdSHOrMB4a3kzdqDioA5kf5epK4B8ksGpo0oOBjrUZu0oLMxKLNzqbiUdebzjmo
VT2xSt8n2I8CMwqEWqLs0bTB4Al5nwVquAg4gmvCDl3HT8Uhok81SlqWOtbyoFPI
/tfu7xsnBgj+JJYEIxl/ZU2BQ7B5R0O3ox8TWI7A5JKnPUSTTXTfIROUc0jwb8+N
oG0qZ46Cx8dWrxXMLcAOv0knCr2nf3HUXitu8sE3FgvkuUQpkfpIC0jo5zLUlhdW
uZq6G8EOX3gSJga0H3MNqo0X3CmJg/4IcYg9oc01SQH+Jt/HLKhE2eMCAwEAAaOC
ASgwggEkMCcGA1UdEQQgMB6CC2V4YW1wbGUuY29thg9zaXA6ZXhhbXBsZS5jb20w
CQYDVR0TBAIwADAdBgNVHQ4EFgQUq+m8DTeiRZDyu8ux26FJKIE8GtIwgaIGA1Ud
IwSBmjCBl4AUuzeOR8daNNt62fh2tnWO0OQTF0WhdKRyMHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5ggkAlqOEF07vikwwCwYDVR0PBAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDFDANBgkqhkiG9w0BAQUFAAOCAQEAjtkfGFJTKHe5CiYLDZTYP/oB
qXLyAoA8+QFcCoQ7822Gs61/05HoDLR2L+z2WpoW1V4Od+blO7toUSvYv2hcY0rY
LYRrr/Xi6ox1C+VVv131vLvu8GK83pqqxa5T1L2qpTtv840ALivI7M4q/A2OVI5N
AerACkSTAy2PlUUv3d8z39uWHyYSL7EX0vCrMbnLxMGu5lPBoBV5W6Kdrxe07HLC
nTh5Q8VYbraORLqHAyTYJKwSHL4WQjJOG6jDf6lwCxLBj5gsuSMD7qqYWkiPyDT5
vnPlXK5rorWMBA98sdKGluTA0fQRc1Xf5jx+F8aVh7Gih1CR185oJIbBPTXA0A==
-----END CERTIFICATE-----
Private key for domain certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 55]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAnSYlnfL4AM46juUR+Go7DsoLfKx0y1p5x1Ic6swHhreTN2oO
KgDmR/l6krgHySwamjSg4GOtRm7SgszEos3OpuJR15vOOahVPbFK3yfYjwIzCoRa
ouzRtMHgCXmfBWq4CDiCa8IOXcdPxSGiTzVKWpY61vKgU8j+1+7vGycGCP4klgQj
GX9lTYFDsHlHQ7ejHxNYjsDkkqc9RJNNdN8hE5RzSPBvz42gbSpnjoLHx1avFcwt
wA6/SScKvad/cdReK27ywTcWC+S5RCmR+kgLSOjnMtSWF1a5mrobwQ5feBImBrQf
cw2qjRfcKYmD/ghxiD2hzTVJAf4m38csqETZ4wIDAQABAoIBAHyobQCdYxOohBUk
KxwmkJCLv473cnJ5Y860GVI75OB9sN8tVu0E56dChHPsXei7/qJCizdUeng7ouu1
KWqH3ZzOPOPOqUldebjFccIRZp0SvpBiK0/Akh1UCbcabgWrAS8sPHDkb+b+Gw4i
PxGcEU5Ii4ZE0t+DunxqAexFCWmJigAqn+FfRP765ijjI/GOzw02xEemR5GblyMI
3P8dir9btXbevic3dBS4p9IkDfSQdgJc1MvscEa4RE76J8cpuRJx5/TT1YdBqn53
Yuit1vJ44ep/tDtSbOPshmqS2nZAgZZ7IhPnmkn803r9ZlOHMRomScnrNq+kLeRl
frEjgdECgYEAzi2vY7eqY+Ok+KVVR2ZqD8uxQXwiOep2n9mdNYXAtOBPEvekFGmD
oPO6NNY2sc+mbuPYNRsjkNBwvs2Amuc7sGar9vJ3KCGdA4J5WQfC2JO4QrSAw8xH
x3uQHA5nukYqZdFQzpQ87SyOPyQrg5lIsEdj8EWOjMspr7dhkfoqQpsCgYEAwx95
C1/EnZi4gy6CrNAEuinjDOborEhWY/pEvU1h2NI3L20a1UkG522Yu3vVDhIhRUmo
z46XOJmdGAjhJ+jGuEvC/I/1/dhH43QZ/+nnbNKq8hgAjsLYB2NalJLv5Oo7bOn3
99k6Ve3jpai7UMxKN+mmF4p0BtFy7pbRUrGFNlkCgYBi8CdfCa7ZWk87BlPC/JFe
3RdFXmUqN6oPESVQnsuXwKARcQaqyOtiXDL50eXTM9shEXMaINjTUEMaPJE/REEv
aEWTLk0h0+d93KmQoJnOxixAzk+QJcI4JsJDxGHgUHVeALDvQNFv2taz1A6RiwgH
l2qMzUQXqhJqAOzwWQTYiwKBgFHRq7cqRE71UEGpyh/e5myNzeiGFwDPIHKx6gsb
HLGHjJ51eLAA/EUk/st3JKLO1WaxeXj3SM/yEh6W8psCj/mNw0iWsUbtX0+wSoq2
MVW/jPERQYKbj2yhq8TrTG7IDX0hKtqiG0UXCMNZWpqJ34FMl1n9s6N8Rl5nnYS4
bayZAoGAbDehMmO3vOUa/XdDAwxXoSB1KuONGF0u+V8tbYLrPpRQRBm1hwnQgsRC
FWE1NvNEj8nku19CP9/iuOHSCaBEsZ0jKzGr5wTRa3XO19qmBjotDcby6q11VkUM
GrbwRHncPk3H6tNED+sAaeNcmEBiBvX1HW7iVN1SAM2jj1xv79E=
-----END RSA PRIVATE KEY-----
Domain certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 56]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEejCCA2KgAwIBAgIJAJajhBdO74pQMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1MVoYDzIxMTAxMTEyMjI0MzUxWjBbMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPap6TpwWUVOamXmS8f0LCVAKz0F/7
kIb5ec82bNlDMBvAsdFU3NXDqjEToP7qFNSKC15NvspLKVke9qVrXh6C2HzGzU+E
YQZ/A+Z7ZThevlGHlDuIAjcwjF/Fl289B/grw944cjfEVEg1rj3x3mzyC3EQdNOO
7rUlAlQxq6ddWXtfTgvDItZUOiKBkj0Atj0cJLKzdHzB+hrKDgnX72sDHIpO5M59
QFjeKaanYnjZ8GoazJ6ZWLf4tQUZpwVM1ZkoVmVY/P34GCSm+AredDseL0o2591w
3OvKv7HSNtILyoXNaN3Of1WZlHbVG3ttVAV3mFc1BlrsE2mbgHl0ExsCAwEAAaOC
ASgwggEkMCcGA1UdEQQgMB6CC2V4YW1wbGUubmV0hg9zaXA6ZXhhbXBsZS5uZXQw
CQYDVR0TBAIwADAdBgNVHQ4EFgQUipA3w0Xx3/5B9qPT6PBlak3th6IwgaIGA1Ud
IwSBmjCBl4AUuzeOR8daNNt62fh2tnWO0OQTF0WhdKRyMHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5ggkAlqOEF07vikwwCwYDVR0PBAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDFDANBgkqhkiG9w0BAQUFAAOCAQEAxOpZXrdpZMLbA1GgFI4Sj4a5
9qtrweqFKFY1X+mUWvuBVpcClUgTC/sbE1kngtY7p8icF7NSbQhT5+UYwwUI0d1U
+J0K2JFF+5t5db54CMVGniMIfw/NAqA5u1kX4+N90FF4DpoG9TKwxu8Q+zfWVCag
VDMg9uYx90eM1v+Qk6LWbnYzG+ZA+VuDq+ilRw4eTqX4urTmprudxzpI7FZZLJDs
1KNBGGza1anbrdD0X7NoKaY7i0Pu2Vz7JmNFa2xC5xrswOJTho8eL00g+UXCVu4M
d8aD/tpKbGVHgjwfoorD+lDLogtnDcqTXkEnw4MM77AYScc9UQtIcODm8Y65Lw==
-----END CERTIFICATE-----
Private key for domain certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 57]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAps9qnpOnBZRU5qZeZLx/QsJUArPQX/uQhvl5zzZs2UMwG8Cx
0VTc1cOqMROg/uoU1IoLXk2+ykspWR72pWteHoLYfMbNT4RhBn8D5ntlOF6+UYeU
O4gCNzCMX8WXbz0H+CvD3jhyN8RUSDWuPfHebPILcRB0047utSUCVDGrp11Ze19O
C8Mi1lQ6IoGSPQC2PRwksrN0fMH6GsoOCdfvawMcik7kzn1AWN4ppqdieNnwahrM
nplYt/i1BRmnBUzVmShWZVj8/fgYJKb4Ct50Ox4vSjbn3XDc68q/sdI20gvKhc1o
3c5/VZmUdtUbe21UBXeYVzUGWuwTaZuAeXQTGwIDAQABAoIBACdfe+4UMe86NNQA
XvVuHKe4ULYWlU+ihFmnlx3W3dhmaHuUfyRG4J1AQvK0jGK/A82rC8XlmewL06Wq
jlM7RYr0HX9OOXXUbEZpQpVreNfWXRvHYbCviL5YIjoU3IqwICpuwhu4vRT2rWIh
8Y/DgFm8xACa/shUy3lMVAFle/vTxlAuLA8eU7StYCsw8a7ZBqSWwWhbRQXAH6j0
KYo7g37SP+3GnxvvLmEARpsK11ymQLWfIqtO4lF1I/ODW0Jc1YPzF/i/wcfy1VLd
IySx84qqOKmwA8aRvnjeiLnyii0Qo99Dc3nQH34uK8YyBeq1/00JNBKwI1kO+W0l
oUTindkCgYEA01mNxZeU5KhZy9n4jHkJCoO4YxXRJeVtq0HUO3Ht7NP7LtRtbmnZ
L+ha7vtftJo/H8Mklj0xMBaHw3W6J0NTtYB6fcViEVvRpohis13ol/LcpP57/y+L
yEW6E9q811mta8hUhhmjhjQdytv5IT9taze+7y6I1HGN17xlW9JOmOUCgYEAyg0G
TfbMG9974aN86RsN56OFhEvMUscawnFMf9L+c/JWV8pkhIiUvATVHwsLAMXnM0mk
q2jHVunFMF6/Dt0QDE6els+p9S/qz/qn5P2i5TEse/L7YITk0K/6Xp0Ot9VDMoFx
XDd5FJj1PjikmhZ3qM6jxhrzKE9OVnv+P+JpO/8CgYBIWbjZsnlrCWKsETMvy2NX
8R2W9eoCIhc38DIaI3dCgpLTRi8sBBowd0dh1jW+GquPUPteXxZOkvfo5o1SUY7/
bDsCgSaAMMGFU90N8BDmq2HzLZb/FaSxa4U2tMO+qNlgM1UUDwTWtVKZllIjmpX3
hT7cnD6FE1ZuSvUbyNPVLQKBgQCMmbWqaTQtrT3CjYbtm5L4fzT5E9nyPHUlm7v1
Mzk4LAnje4apJ3YAxIgd2wxkFFNHwFZjpT0aAQDkIPpo+HIjbk4zefy2DwsigTV2
Rv2k6awf8Lz2tGOZyOu8DSThzfi924+r8TpDmBEIpFf+leXcxTb4M2bDxTQpQI1z
nTVHtwKBgGQPfSeoeegQEg4JwWA4gcxc7IFn0zppj+LZMI98Teyga5S0P7ju4SC9
mPD0N9TriE6nW6+Zvf/9JDC+gjwXs2m/ueq50HKYxHaeG4NGknuJg09HpgD1f37R
UVhWNjxpG4iU18Rm5UCRP3HwEJ06DWFFty+7ZKJtSkTZFOH7NdUf
-----END RSA PRIVATE KEY-----
B.2. Certificates NOT Using EKU
These certificates do not make use of the EKU specification described
in [RFC5924]. Most existing certificates fall in this category.
Fluffy's user certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 58]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEjDCCA3SgAwIBAgIJAJajhBdO74pRMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1MVoYDzIxMTAxMTEyMjI0MzUxWjBiMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRswGQYDVQQDFBJmbHVmZnlAZXhhbXBsZS5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnWAqXQ7NkLPjAssXP8c3o
zMed3haJ8gwH4r+N1Pm+3LuWk8LJ63Vq/+gjlel2RxP39rkU/HXa+nqHqiH+M1E1
ic7hpmEHM6Gm0Tg43aVQBx5qGzneMMfdXJ9UARSg/Vb+U0AlvyWbwXDh3UZvIl1E
EVOJ80h8F8B34PcUbzZ5koaYcBV/GMWkihT6++mgTT+U1b0icP3+Jz//upaOYQiI
pGKo79p0b1yESS6jFkPEbiFJEQssroWIZWIYkY4qkbFQCw60pN+S+zwI/vBDFCea
9sUpwkCLdsVwMpqjDSseJHtzfqBAD5bEjLPJ8vGaqmPcYwFamsZ6ylJqxGizO1il
AgMBAAGjggEzMIIBLzBRBgNVHREESjBIhhZzaXA6Zmx1ZmZ5QGV4YW1wbGUuY29t
hhVpbTpmbHVmZnlAZXhhbXBsZS5jb22GF3ByZXM6Zmx1ZmZ5QGV4YW1wbGUuY29t
MAkGA1UdEwQCMAAwHQYDVR0OBBYEFI0hoK+Qsya+/kfcfP+YSiT654kjMIGiBgNV
HSMEgZowgZeAFLs3jkfHWjTbetn4drZ1jtDkExdFoXSkcjBwMQswCQYDVQQGEwJV
UzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNV
BAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhv
cml0eYIJAJajhBdO74pMMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQUFAAOCAQEA
PlzFnchNCY8HE21bWZxYX20lENZqv4Cnmwcgdlq1iHCW/r+aUty6f4PvYEBULPxv
70HAW5v2KTyK4p9JOk+/59+60piLp4Fq6P0/T8D9oIJUPm2W0xqvsyBzcQEI8fq3
GZCc+P/4J2B9T58sD4wROMkThhSiCsIkqWMGxV2RZBUQZkgPkAWBHmueEFO3p/9m
7de94Cw7I8Wusip2YIbMzekraVC2soAjL9v5BV5sjflU6g94mBQ4LrfPGHIQLXL0
i84PwSuLJRtHLxfbF6Rv13t3s3aRyi3rOz9CA7cqf4ZhKdknek34WmDAFh0nRfZS
B4J1D+Ky/GluG6T4vqKHPA==
-----END CERTIFICATE-----
Fluffy's private key for user certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 59]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAp1gKl0OzZCz4wLLFz/HN6MzHnd4WifIMB+K/jdT5vty7lpPC
yet1av/oI5XpdkcT9/a5FPx12vp6h6oh/jNRNYnO4aZhBzOhptE4ON2lUAceahs5
3jDH3VyfVAEUoP1W/lNAJb8lm8Fw4d1GbyJdRBFTifNIfBfAd+D3FG82eZKGmHAV
fxjFpIoU+vvpoE0/lNW9InD9/ic//7qWjmEIiKRiqO/adG9chEkuoxZDxG4hSREL
LK6FiGViGJGOKpGxUAsOtKTfkvs8CP7wQxQnmvbFKcJAi3bFcDKaow0rHiR7c36g
QA+WxIyzyfLxmqpj3GMBWprGespSasRosztYpQIDAQABAoIBAE4NmqMDSOEouL3o
pKthNZGoMlNIC2s8IrBq6r3U4MhNXJHXSbu0v4ew5S3z9njcnkvCIIHRX4dL3Wr5
x/ExLmeyZ3SIjik1w+hzHa4oc7roFx+Wo18nkZGGaipcdqrAf5sQaZMxnPERQP2Y
oAmmFapyCm0FtIFs8rD3lUdKuDXriPj+p8adcXeJrKixlJSjK1ct+KIEP+GK53x8
0c5+v2mUopfY4bFxJtQx0CwXQj0DQtn7y9gtKP53pyUDwE6/MBx3IxssIaBIz4ke
DgSZACdYCmCnyWCjsfLhkhvapm6+8nM3RxtFAdo3OA5EUte4+YpGHGCrHOkumdu/
QuJ1MQECgYEA1lCm83NUJPyh+QvmKNMT2gLcNJGkMUlLr1izBn0es6y7e0VRCgOR
wcC1KKx2IlW0OqO4yHGKGH0+9zSd+3ZE+9SjsYrL0p0zmgl3jtevhKm1KHiVHj5f
opgIOF6+SEED2QoeLWyQHzYATtQLXRjIL+rihDdct//IvY3ii4QJ37kCgYEAx+SQ
g1mkqzMraDmaB8SEO+CvxSHPZYw7xAuOx4OeznU8FKRyC+pxiMOBfsdUXqIRVa9W
vOcEhmfNmRSAOYJBmMa3S9vNJtn0hejnVEQBo/HKaG19cqDc03anXFNXxx1mkgvE
Dixv4WuiJladAHl6E8HNWNW609I1WHpRj7hWfk0CgYARyiARlUEm0NGhGpvAR8Ue
E56zvmMitDLUG0jBASHLSEtHsDlJ24H900E2XxpvPy32sCBmgwYzgjH30yZJ+UdA
oCX2Vs8UbHgcES0bbkvjdzLSaS/3krXdiUElbLfex4bKPUzD+H7+GD1uTaujzqrP
T2/+CZpoq5K+KUjky9EGAQKBgEpa0Q6q97/fBtR8KLme9fk3+OoBS55gbZLdIb1B
Tn9JyJF9IhcgnB7danv4NYAGFSCkWkVmQZ6lWisJHzFFLJVhxajoGAXNqVFucy47
JckQFdSGddV/1OSsDFEhh1M/snm8+q6zBOL7IJPWQAx/I1PaEUJsLlTAqqtAxLoL
PdE5AoGALjb+pyL6ZZzpawX3BbM6AKUYr3nITsatHkRFdko4JYQ27Wv17//947BL
NJxJrw411nv8O32O/A2PEd3tSOZAAl4XWgzDN2SSBIllIjkbQG02gdd6EalFZ4jL
LkjFYQOJdaurKaTZaOqcb6QQWlrplz9zbZhsXBJmNm+MO7IJWXE=
-----END RSA PRIVATE KEY-----
Kumiko's user certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 60]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEjDCCA3SgAwIBAgIJAJajhBdO74pSMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1MloYDzIxMTAxMTEyMjI0MzUyWjBiMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRswGQYDVQQDFBJrdW1pa29AZXhhbXBsZS5uZXQw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRSzOOvy+ileQ+vlg50lmj
LG2ZtCBwMwzoxV61qi4GYW7Ycj1Po4rGZj6SbPXBl1kOEVWLeUk6kcdw1VCx0Qy6
DhMNfdOBC/iEKGClhTs+hsV9TYl8S9gyPWPPkny6C2LSsnZlN2CAlftvj7YzMOiT
bcHejcvsA3Wa0HyJbUlj80v/iqf5e+6x2qlvEsCBfHmBQcybJlJLhIUcMTRsEo6o
pEC8ZGNzHLfyH+MFZeGkte7+n1M7PSLCywQ0ZHy5hZQd5G3xoM5FRB/MzZumLCEn
NbVi2K9tBSbcEExKPwgiANwoBG5r9fPoSUibZk/DbH4f79L+wbI8z3EjiAEqib+Z
AgMBAAGjggEzMIIBLzBRBgNVHREESjBIhhZzaXA6a3VtaWtvQGV4YW1wbGUubmV0
hhVpbTprdW1pa29AZXhhbXBsZS5uZXSGF3ByZXM6a3VtaWtvQGV4YW1wbGUubmV0
MAkGA1UdEwQCMAAwHQYDVR0OBBYEFEDMGZkS331DpFqfPXUoAIYcVUKVMIGiBgNV
HSMEgZowgZeAFLs3jkfHWjTbetn4drZ1jtDkExdFoXSkcjBwMQswCQYDVQQGEwJV
UzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNV
BAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhv
cml0eYIJAJajhBdO74pMMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQUFAAOCAQEA
E7CDtfPvcTa8bcfnkqQ9+26qTuiL1uCEyo3QnnrZl1+miN3DZvsmckgUn64vkKQ5
w9bPrckyhtJrY2WGLnQ7UGvUItK3asv22cgN9JaAMZfJeeH0jOJRtH6oDeWuDcgV
2hanLeJYeZU3p2scV5r1ph3xpRG2mOCgaFKhT1zxP7j8Teya2m/k1IKjZyV/khPI
nn/RMK1H56zoeqhQt3Xx//xxyxnZcqbyDOdRsnwGolm0V6s1qFy7BHq/1uRCAbyn
fHcPfciTr+DR7GC/HkgVrIcZdy0gxsc2Vnbx8JQ8KqQl1gNIHo+QmYbBv+MhSqcA
dhkXD+SMLv6W+eO16uneCA==
-----END CERTIFICATE-----
Kumiko's private key for user certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 61]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0Uszjr8vopXkPr5YOdJZoyxtmbQgcDMM6MVetaouBmFu2HI9
T6OKxmY+kmz1wZdZDhFVi3lJOpHHcNVQsdEMug4TDX3TgQv4hChgpYU7PobFfU2J
fEvYMj1jz5J8ugti0rJ2ZTdggJX7b4+2MzDok23B3o3L7AN1mtB8iW1JY/NL/4qn
+XvusdqpbxLAgXx5gUHMmyZSS4SFHDE0bBKOqKRAvGRjcxy38h/jBWXhpLXu/p9T
Oz0iwssENGR8uYWUHeRt8aDORUQfzM2bpiwhJzW1YtivbQUm3BBMSj8IIgDcKARu
a/Xz6ElIm2ZPw2x+H+/S/sGyPM9xI4gBKom/mQIDAQABAoIBAG9e7w6U2gpQbOae
b2BFeQGFkMTrvx81azcqX92Xs2odythO4iVQx3YPzlgotxXPLcp4mubfIYKTNGfs
e0ZEEdunxae2Pyg6cIIS4mrx3LbHDKxC6FhGG8OQO16nesudZ3brFGmD8Ew8g1G4
TaIr8ncRPsro9YyfwqMhMkQG7bjLNcArDV8QiFduJFDKHSTfQjMS3V9p0SUFwGFy
/t/1IsEWNvcTO5H3flNOgergiPNx30prMD+vhgWJXPKDuKW0mIfmogFheDZXOMvZ
XvKJoNHzhSmB4mToADbTFXRXCTxeGgE7ZKqldPlHNBw0TdBpFdu0vrxkJV+t9CT+
RQPYdCkCgYEA+D6SGuR7LPMHa/6wGHRXaIZXDTTRbbTA9M54/+aByvSgSdUgTkyV
c76GLjal3X2eNGHHi75fJtpTugrMZ4EnRrqGS8U3Tip081zUy2m+sfT4eHUDACDT
kFOzJA+brPz9VLpZZYL1boNtDicMp9qN1RhDw8arqcRj9bUdPK9Fh4sCgYEA19Ub
oN8quH8TKi9QbDAc7Mm59T/IvW1qGXacpU/noRUvSfnhazCExLeFhmd2gfF8GbeA
Nt6LWCxMdd62wi+uubQ9N+qkp6SoRi5FdZQ0F+sTaslI8wgr+LOITcYQYibpnRLe
L4WjIqQuESy3bQ+uTDVMK/yAm3ZLxYWCBdelWesCgYEAzT6me/eWY8aXx1Fu9PkT
38baqH+X/BVrR7yCTEmf3Fa/Q+wjZrlpA6ZtuD3Uizk2GWcSndaLQ0tV2EbfU2B0
QcUsDe+D12vBAAkrovbOBMJewPE1xuBdK0IYpeMFulP9fBUKnqRVGcct3nqouws3
Iw2J0Y8sFRPb9aWGA8uCOBsCgYEA0M7QB/dgMVZfiDR2LfTuRvdy/R5Ua09rkm76
ZcTEZ0dDlOI3f6hVCqwydjGqqVSjp42scWkkjo1s+6wYTA4tkGQbxfkwiy/1zM//
Sx2yuGEpS+qotNd3Ewk+GWBBgXP8F4alhnxXs6/7EYqdetns2rXFl9iV49GyxMnB
XT2gLzkCgYBfcLwsNYCw5YChZSexQgP/VYDIFm5PAITnGYCVMDLMaPdeCV/IKVWN
UKqlc97IyKCmLy0RYzXpYiY1sw5Vdb63mb243AjIOxZiaHMjfG2Ke6+Iz5CfuIoD
3uxlgFG/hCv5HAjOPkYopkB/eOtHbvKh1Ud+zhyCjnnxiQKawYtL4Q==
-----END RSA PRIVATE KEY-----
Domain certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 62]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEWzCCA0OgAwIBAgIJAJajhBdO74pTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1M1oYDzIxMTAxMTEyMjI0MzUzWjBbMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXQypMGzF6lwEjhD96RuJBYfc/pw98Y
cR1IVQhNBqzHQYvq+Q4FO+MdpNk/AFv6IRNTMr+v5NN6TK47CWeUqA9XuXiACFw2
ozotPePHCEqvtUaxtUvxqmhkkUB/QiZcTKk/eEDQsDSgcsY5HJ+iE7VEFhu5J6dF
gKdhn8RsNngTPTMwF/3yYuir1SjPCKTGBgikG0ZBqob5dmZ2SMovaCq22vkvO0x8
ZyitT+nmvAC3ojlhXohzjAjzhmW/okAy835eDFT720jrf0TMoPUXSj/NXXJNEBZP
V7rIB9WVb9I4FP3tSsq18pZAEarCxaunMHk6iI5p84m7c/4x9pliaKUCAwEAAaOC
AQkwggEFMCcGA1UdEQQgMB6CC2V4YW1wbGUuY29thg9zaXA6ZXhhbXBsZS5jb20w
CQYDVR0TBAIwADAdBgNVHQ4EFgQUagjcipLzTuQKrLLsrLLfkHFwfekwgaIGA1Ud
IwSBmjCBl4AUuzeOR8daNNt62fh2tnWO0OQTF0WhdKRyMHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5ggkAlqOEF07vikwwCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBi
FmTqO1oubNqemX+2FuF3YhkXMIzDEH668rel+NP2B4ypYJhA4tz+v2CWOAX3ZZQB
Nwkw0QcH4Fj0Ux1U9AtggSCcX7hSQ2r2k2EWM45wfzI6Nfrm+eWntGSTj9CQMSwK
XrhLhQB1o/7E05zuMmbmslZE+Nb1/W7HkDexwh1r0hzYLh+dUUAjbd5tGXo3tRgB
nU9EGfdMgbIMEP2iTc8rZoIcGIvDgd+2GrOLVL/1ZAGCZTu9ZKD0SHSmQkiY0hBk
sWDOjCnj2BFumv5e0cG3ny79ow93aHkbF5nSDpk1Os3dodkaPJ3oimtiB1J5r2Se
quV9K7j+tItHd7bapwBt
-----END CERTIFICATE-----
Private key for domain certificate for example.com:
Jennings, et al. Expires July 18, 2011 [Page 63]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA9dDKkwbMXqXASOEP3pG4kFh9z+nD3xhxHUhVCE0GrMdBi+r5
DgU74x2k2T8AW/ohE1Myv6/k03pMrjsJZ5SoD1e5eIAIXDajOi0948cISq+1RrG1
S/GqaGSRQH9CJlxMqT94QNCwNKByxjkcn6ITtUQWG7knp0WAp2GfxGw2eBM9MzAX
/fJi6KvVKM8IpMYGCKQbRkGqhvl2ZnZIyi9oKrba+S87THxnKK1P6ea8ALeiOWFe
iHOMCPOGZb+iQDLzfl4MVPvbSOt/RMyg9RdKP81dck0QFk9XusgH1ZVv0jgU/e1K
yrXylkARqsLFq6cweTqIjmnzibtz/jH2mWJopQIDAQABAoIBAClI8uz0pFh1IDFd
U2v/L29W3XKRAWuz0DOp1VY6kZdtM84LHd9D88X2UZyHH0lTXkC/pXNaWGVIUh6l
HbQ+3GcPRcA+SKksKAf6Vz2tTPA2SIziBeAGa6dy1I5vkS2eLOX0Gf9QzXdZR02R
hAQvlX3JPKlVVJqcaroyBEJaJl/ODyKEEWn5s13sjV1OUjsTtWJp56sbkQ/6tHaq
T/q3jLviNUyJJWnbXNMSMTo+L+kg9ezLngJp7QHjemk+/GcrZHMZGEiydFlVkE8R
egBanpVFve7OB0zeYRFI+2dSnt9/M7OwEp2abBj4iGCOlrNvvrJ0cp4US3cTc6U0
z2kvMGECgYEA+6+fw6RNCmrJRXE/cMqMq0d/gzlDeZ8iQ7Esx3yvMprI6nhYR/CI
gsYAEz4SkRYeUggMLRF2VEHzM3jIp0ClucpxN9gPXk/rgew+wdzDUHxchuSdYUYO
W0c6ji7TksrCFckYRqOyEQ1MYcQHUYSSt4FdXI1lHVSosv/DGOGtxfkCgYEA+gdo
g3hAKm0wDNMg/T9rsnsDeQY+H4TuGMpLU9Uy0dJ4wwRIeUc8L2fLBgFEzV2cwRGw
fDEZvt0btvzXN+JGUiKwoS+S8a+To6YN+Xk0w9SwyulqmriVsWfmNiBlStO7yhCI
HlM6Q9ZLCSnDK1rRiHoDDq/N44x6fZ+lfA7E8w0CgYEAuRA5HIUqNNeyaUJNUKVO
6/5lr1qi18IAUt/rOj/fHwmbZHTbDQK7jdUDZyLESjSGVPEf6t+lL21S420TtY+e
jE9kEpjnLAT9+Yl519h5MSxQaMufQVBe7BUi5DtgTNaUAardE8v3+fvaRyT58KHX
s+EGgjBhwkBmzz+q+BexTBkCgYBIbOzxaFvt7kME9AOSWFSyFsAixpQoPTFbLP41
AoT+EqG4m/0CZIgik0ZULvnnIz7NDnq4/uAeUZ49m3AcWAdWs4XGqyk9qUZzGR7j
LSEDuRCdNpAS0XVLNnWRKEEvM7YqCi/j2Of/zotd1CMc4+neRrmr/3D8gSzaRuyA
yyZx4QKBgEsfARDm5ldHF4Eatn0P7p+KpIKaaRELwklUKWpkc7Q4XTEkshzBZ7bn
66QPgU2JHCd4gKnTZDs1qhz7G+ZkRFk9bupiqEmGE1Tcv1cKgSXacYQJHvki+/9E
1r6h5F002P6KeKEwzliN2b3Bsu5fhZrxWQOm82+D1vcrkgmZ0UtY
-----END RSA PRIVATE KEY-----
Domain certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 64]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEWzCCA0OgAwIBAgIJAJajhBdO74pUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
MAwGA1UEChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
QXV0aG9yaXR5MCAXDTEwMTIwNjIyNDM1M1oYDzIxMTAxMTEyMjI0MzUzWjBbMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLxMPl07wMbp/bSkuEbZEWv9qP/GBID
pfthXzRVzFDnVFH7dpO/jMZKBH2iNT4b9wdkfsS6c1DmgU8AqJtegvtmTgOVol/r
EJn2J8VGOWJVN/TynBbJ2niNnSvxdhFV4xRq2BCebH9ef5sDUj8cWdTAq2/rHzYj
XQkaLXQB3Gv1IO4DwmKsh+TwZaTa8IsTPR2oUXp7+91NY6Su71j81vE5YWlyCceJ
ABQS21h8tRlTujsdcimMahzYk0h1YW5eIQL0nu8ntuRUJbSB1ggOIBWBfiwfrC+s
lddcoi2BmwLAjVA2jFJSX6VKPeGx/SBJzGLSchBhbYhqxLTdEZHl9hsCAwEAAaOC
AQkwggEFMCcGA1UdEQQgMB6CC2V4YW1wbGUubmV0hg9zaXA6ZXhhbXBsZS5uZXQw
CQYDVR0TBAIwADAdBgNVHQ4EFgQUtqDdd06cJYC0MbTmS+guXze7o8wwgaIGA1Ud
IwSBmjCBl4AUuzeOR8daNNt62fh2tnWO0OQTF0WhdKRyMHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5ggkAlqOEF07vikwwCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBE
fQlW/9q+ne3nOldC1mJtzLYKBqSUUiI+FCmMvcIYACx0wzLl7CyAWmh2xn2gcVRL
7H7kFzdhRYHUzAMG88NzQ4V8RaXb3KKOv6X5yBMfaTJh4nQSkdVGZ6JkJaQpvrd3
fvAWlT1rJc19vIymXrtYhqoYcgnm0bk1ewwBmxh7SpIRIpX6W/4dP/AWryXBphYm
Ha3eghCol5H+g9wRtsA08CKPak/LRTupULY0embxqpZhHTyA++8Vp3W6dfegZVRx
tBigKs6tXY7tkvkbKq4X6zBNEF9A9verJ7u/K5fwkpxHy5QqBS5cK1i1cwlHPveU
qg7Qj2kcWHF55LrBaWFh
-----END CERTIFICATE-----
Private key for domain certificate for example.net:
Jennings, et al. Expires July 18, 2011 [Page 65]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAovEw+XTvAxun9tKS4RtkRa/2o/8YEgOl+2FfNFXMUOdUUft2
k7+MxkoEfaI1Phv3B2R+xLpzUOaBTwCom16C+2ZOA5WiX+sQmfYnxUY5YlU39PKc
FsnaeI2dK/F2EVXjFGrYEJ5sf15/mwNSPxxZ1MCrb+sfNiNdCRotdAHca/Ug7gPC
YqyH5PBlpNrwixM9HahRenv73U1jpK7vWPzW8TlhaXIJx4kAFBLbWHy1GVO6Ox1y
KYxqHNiTSHVhbl4hAvSe7ye25FQltIHWCA4gFYF+LB+sL6yV11yiLYGbAsCNUDaM
UlJfpUo94bH9IEnMYtJyEGFtiGrEtN0RkeX2GwIDAQABAoIBAQCE4NaEiHSl/zbB
lUXMp67lGbO0V8KEZk9Eqkqefl2JmKzt0nkH0kz2I8R3xAFRbjLM54pt2nNSBThs
eegGFFQSuoJib/Oj7ylxtQkH2tXPOBnS+sqJ1wEAENSc0mPrjTQLIXqkSt3GHQVJ
H7NB3lfvpVPpiD/CwaIMWzm4AhCERGza2t6wpAy5gFhylKpVKooHz7kOrEYdRml1
nS/kCzPEhUoWMQR7vbvwFuSGXM92xzmI1/5cBAVE+C10jVc/rdWaZ62DYudx/g5i
hIZNlwhP3XipkO3BsbiECJxRTWL4QkkTOGaz36UouP9ZYO5QMSr7XiJMhSrInc4n
ieU4E9qZAoGBANKD1ZZ70tHaQEL8cejQNfV1fId+RPOQ0aENlAarpoyoldJll3zN
E1Hgi80Evs7Zh7hlunXmW3MpOEUgkJutv+ZpAo5blSdqQGtLiBDItPPrjYAh+HPZ
MvbCIRyh5ABxW37JaDPPiBplDGtonj37S+ZZw3FZgdgRs/BvIsUV1rqlAoGBAMYl
+PUEDSThCLseQeRKLRbnJV7+mUpEtipeoNWFWZYpupwgsFfQzN568SpN2nLO3rrL
DCC88ODWH2QJp9D1+luc2NE0b9fzGlTsFRfl2dTkHwNp8LG8k2jclLbKnpqEV0KR
M+mkEu8otmA01n51y9ok5H+JB/d1PuE8t7G2ENG/AoGBAIil9QYquE1qG56f2Z0j
UnNT4RLenwlvrvOZKcYus/zIDgC122CyieDzHixl8Sm6QIQs3J1de21Ei3crzVKQ
tWluLq+TuT0NlmVPcTJb5kITXBWZd3pTueY9W1sHp0W2T4r8V/yRsSpY/3fVQCrB
raIIEHrKfCNyUlg2+93s8CbVAoGAbEIG2ObTv5hrSsBnQ7D7HY5ALrxvR9JurIty
1/W5Un+OAwshDXl41PzakkBi32MC8Y9KGwDfoheaou9bjqE1naP+GZ7KlHOvqUIq
7Bmaf+P6xcS1yoW7DAmn/o6JROaVPjtS343TAnN94OY9Ym49Z/vME5nsjliyeCDS
Q/ezDMUCgYA9OJnERsdz8Eh7oFRYo5e2lGRb7PrhEXvWGtQTRGkciCZi+qoOUpnm
NIo24QE08RksQBHUvPQva9bX19lNcoC0mhnRtqR4I7CUug9pb/jOEU9KtDJWwqem
PYfdA6oLGdAKQrlatklXiotbPhxtW6uyXM6szyDZrlqmMz37UZ3mIw==
-----END RSA PRIVATE KEY-----
B.3. Certificate Chaining with a Non-Root CA
Following is a certificate for a non-root CA in example.net. The
certificate was signed by the root CA shown in Section 2.1. As
indicated in Sections 4.2.1.9 and 4.2.1.3 [RFC5280], "cA" is set in
Basic Constraints, and "keyCertSign" is set in Key Usage. This
identifies the certificate holder as a signing authority.
Version: 3 (0x2)
Serial Number:
49:02:11:01:84:01:5c
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit,
OU=Sipit Test Certificate Authority
Validity
Not Before: Dec 7 01:58:47 2010 GMT
Not After : Nov 13 01:58:47 2110 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit,
OU=Test CA for example.net, CN=example.net
Subject Public Key Info:
Jennings, et al. Expires July 18, 2011 [Page 66]
Internet-Draft SIP Secure Call Flows January 2011
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:c0:a8:7e:1a:37:6a:40:3d:f6:a4:18:be:27:bd:
c6:20:63:af:9e:42:b6:09:13:85:6d:c1:0d:17:9a:
5b:98:5c:9a:d8:dc:55:b1:a0:b8:b5:51:0f:6c:98:
19:86:7f:46:24:2f:54:b1:b1:c3:75:4d:13:8a:1c:
03:83:ce:e7:3d:2b:a4:a9:8f:74:7d:9e:7e:2c:42:
2d:a9:df:84:56:ea:78:74:81:af:74:4d:c0:95:2c:
c4:c2:8b:55:a6:4e:7c:d6:f2:54:7c:10:c5:b1:ae:
88:82:38:53:97:1e:16:1a:85:db:da:9c:d5:31:7c:
df:b7:22:df:5f:2a:df:78:36:b3:98:0a:b7:d9:2a:
5f:9c:39:0e:95:23:98:cc:4d:f5:d0:63:39:83:04:
40:96:1c:3c:73:8e:78:59:09:bf:e9:45:7a:f5:76:
48:3c:86:c0:94:3b:1c:d8:d7:d1:40:7c:d2:cf:47:
c8:e4:ea:f9:d4:36:a8:1d:77:e1:25:9c:69:5d:a8:
cf:09:1a:04:78:71:95:97:99:7f:1b:51:3c:0a:25:
2e:d3:a3:20:d4:72:b9:55:80:10:a6:3e:56:2e:82:
5c:b2:77:c8:0d:40:4f:e3:65:f5:97:7a:8e:12:e9:
8a:31:42:00:5a:99:46:5e:a2:7d:b4:e2:24:d6:a7:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
8F:65:F4:D6:05:98:B2:0F:34:5F:48:89:CC:81:DE:A5:C1:E8:A4:B2
X509v3 Authority Key Identifier:
BB:37:8E:47:C7:5A:34:DB:7A:D9:F8:76:B6:75:8E:D0:E4:13:17:45
X509v3 Key Usage:
Certificate Sign
Signature Algorithm: sha1WithRSAEncryption
c1:80:06:29:01:35:68:dc:67:ab:1c:c5:de:ad:d5:24:29:24:
12:4b:5f:67:51:a4:85:e0:70:92:d7:4b:5b:2c:17:5e:42:a1:
56:b6:89:a5:92:64:d4:30:0a:df:24:8a:88:06:ee:5c:4e:51:
3a:a1:7c:70:f4:4b:ff:18:3b:8f:6d:a8:6a:ec:84:73:b5:4c:
ef:6f:a3:f3:ac:63:46:aa:72:0c:cb:4c:ac:99:5c:ca:0f:ba:
73:c3:1f:57:e9:05:a8:57:3b:5f:dd:66:2a:a7:a8:9b:e5:99:
3f:6a:2e:48:5a:86:38:bd:5a:5d:2d:12:d1:43:6a:7a:34:d5:
9b:3e:64:d8:2f:40:0e:67:2f:34:ee:83:9a:f1:e4:99:84:66:
4d:3d:6e:99:6b:74:0b:13:28:75:7b:ee:55:e8:48:15:9e:fe:
e6:bb:de:48:f7:53:59:37:85:52:a0:72:80:35:0d:24:14:ae:
9b:87:32:da:25:16:7f:01:84:aa:c9:0b:2d:ec:21:c1:51:35:
37:80:e8:ae:eb:0c:e7:c2:7e:5d:a4:61:eb:b1:19:d0:4a:2b:
2b:42:3a:95:7c:5a:49:a8:7b:27:f3:af:b6:15:94:f4:8b:a6:
11:80:80:2f:ff:9d:9a:cd:c4:de:20:48:c0:f9:f3:0e:e4:8f:
07:a2:13:17
Jennings, et al. Expires July 18, 2011 [Page 67]
Internet-Draft SIP Secure Call Flows January 2011
Robert's certificate was signed by the non-root CA in example.net:
Version: 3 (0x2)
Serial Number:
49:02:11:01:84:01:5d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit,
OU=Test CA for example.net,
CN=example.net
Validity
Not Before: Dec 7 01:58:48 2010 GMT
Not After : Nov 13 01:58:48 2110 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit, CN=robert@example.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:c9:74:33:f2:e2:2e:ba:0d:0f:c9:08:17:56:9b:
50:c2:9f:e9:68:af:bf:be:13:f4:d7:68:ef:67:d5:
77:53:d9:f8:64:92:08:6b:64:4e:a0:ea:ff:16:56:
96:dd:e1:94:9d:75:a9:35:e9:82:27:90:42:80:1f:
75:27:90:c2:6f:45:3d:3d:59:da:2f:12:16:ef:e5:
1f:e3:7f:f8:20:ea:2b:1b:5a:08:fd:53:a1:ed:29:
8a:13:fe:27:77:14:d6:14:f9:8e:e3:e3:da:49:b0:
e6:f1:84:d3:b0:82:58:79:9d:8d:a5:44:52:19:92:
de:da:1d:a9:cd:d6:39:01:29:02:d9:51:31:d5:c1:
d2:90:dc:58:11:c3:fb:da:21:fb:8a:71:18:a6:86:
7a:7d:21:29:83:bc:47:89:e3:7e:0c:a9:f0:dc:4d:
52:fd:6b:97:69:ec:72:1c:f7:db:8f:42:c8:54:17:
6e:12:09:e2:96:cd:c7:e6:43:7d:65:50:7d:06:17:
4e:cf:60:81:54:2d:07:b5:1f:71:ae:7a:ee:55:2f:
c9:e6:e4:62:eb:89:a5:15:ee:62:31:ad:c8:c0:48:
d6:de:04:81:88:72:ae:60:7d:6d:a4:95:00:aa:17:
3f:cc:e0:ff:c2:59:8c:2c:40:1b:8b:3d:1e:e2:39:
2a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
URI:sip:robert@example.net, URI:im:robert@example.net,
URI:pres:robert@example.net
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
1F:9D:AA:DA:A2:0C:D2:DF:D8:A0:5C:CF:CD:CA:E4:2F:31:0C:4F:D3
X509v3 Authority Key Identifier:
8F:65:F4:D6:05:98:B2:0F:34:5F:48:89:CC:81:DE:A5:C1:E8:A4:B2
X509v3 Key Usage:
Jennings, et al. Expires July 18, 2011 [Page 68]
Internet-Draft SIP Secure Call Flows January 2011
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
E-mail Protection, 1.3.6.1.5.5.7.3.20
Signature Algorithm: sha1WithRSAEncryption
46:f4:fa:a0:78:ea:66:da:87:3f:b7:c5:f4:4d:38:5a:fc:05:
78:6f:6a:0b:81:b1:09:b5:79:9e:a1:05:d1:2b:b0:4b:9b:f4:
ff:b9:1a:c3:15:e5:8b:83:8d:00:59:b1:bc:a4:1a:3f:e1:6c:
3b:78:66:aa:b8:73:60:4d:a6:6b:22:4c:26:19:a9:71:fc:c0:
04:0b:d2:42:02:12:ed:3f:29:74:4e:88:e6:46:e0:c0:46:61:
27:e9:66:a3:e5:e6:e4:55:0e:03:4c:9a:55:f9:49:f6:ae:0f:
8d:91:1e:fc:e4:5d:8d:51:8f:c8:07:7a:ec:04:38:8f:53:14:
3d:71:ff:0c:b6:9e:c1:a4:3a:7f:2f:d3:84:e0:6a:f1:82:21:
23:20:10:e7:90:94:4a:47:b3:5a:a0:9e:66:9a:97:3b:73:8f:
18:43:37:8c:c2:73:cb:a4:be:86:d6:77:0c:51:65:03:41:cb:
03:98:f0:2b:2f:5d:eb:64:e4:52:37:ec:5f:ff:a9:16:bf:d7:
a3:43:ca:ac:86:ce:56:7e:35:f0:9f:f4:f4:77:78:ce:04:15:
7b:b8:95:0c:04:52:f5:9c:98:20:9d:18:04:95:f2:15:e5:f6:
31:6e:b9:1b:64:a9:c4:ac:3b:e9:f2:a7:24:1b:4e:30:fc:67:
cc:97:65:5d
Certificate for CA for example.net in PEM format:
-----BEGIN CERTIFICATE-----
MIIDzTCCArWgAwIBAgIHSQIRAYQBXDANBgkqhkiG9w0BAQUFADBwMQswCQYDVQQG
EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAM
BgNVBAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1
dGhvcml0eTAgFw0xMDEyMDcwMTU4NDdaGA8yMTEwMTExMzAxNTg0N1owfTELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3Nl
MQ4wDAYDVQQKEwVzaXBpdDEgMB4GA1UECxMXVGVzdCBDQSBmb3IgZXhhbXBsZS5u
ZXQxFDASBgNVBAMTC2V4YW1wbGUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwKh+GjdqQD32pBi+J73GIGOvnkK2CROFbcENF5pbmFya2NxVsaC4
tVEPbJgZhn9GJC9UsbHDdU0TihwDg87nPSukqY90fZ5+LEItqd+EVup4dIGvdE3A
lSzEwotVpk581vJUfBDFsa6IgjhTlx4WGoXb2pzVMXzftyLfXyrfeDazmAq32Spf
nDkOlSOYzE310GM5gwRAlhw8c454WQm/6UV69XZIPIbAlDsc2NfRQHzSz0fI5Or5
1DaoHXfhJZxpXajPCRoEeHGVl5l/G1E8CiUu06Mg1HK5VYAQpj5WLoJcsnfIDUBP
42X1l3qOEumKMUIAWplGXqJ9tOIk1qdeuQIDAQABo10wWzAMBgNVHRMEBTADAQH/
MB0GA1UdDgQWBBSPZfTWBZiyDzRfSInMgd6lweiksjAfBgNVHSMEGDAWgBS7N45H
x1o023rZ+Ha2dY7Q5BMXRTALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADggEB
AMGABikBNWjcZ6scxd6t1SQpJBJLX2dRpIXgcJLXS1ssF15CoVa2iaWSZNQwCt8k
iogG7lxOUTqhfHD0S/8YO49tqGrshHO1TO9vo/OsY0aqcgzLTKyZXMoPunPDH1fp
BahXO1/dZiqnqJvlmT9qLkhahji9Wl0tEtFDano01Zs+ZNgvQA5nLzTug5rx5JmE
Zk09bplrdAsTKHV77lXoSBWe/ua73kj3U1k3hVKgcoA1DSQUrpuHMtolFn8BhKrJ
Cy3sIcFRNTeA6K7rDOfCfl2kYeuxGdBKKytCOpV8Wkmoeyfzr7YVlPSLphGAgC//
nZrNxN4gSMD58w7kjweiExc=
-----END CERTIFICATE-----
Private key for CA for example.net:
Jennings, et al. Expires July 18, 2011 [Page 69]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwKh+GjdqQD32pBi+J73GIGOvnkK2CROFbcENF5pbmFya2NxV
saC4tVEPbJgZhn9GJC9UsbHDdU0TihwDg87nPSukqY90fZ5+LEItqd+EVup4dIGv
dE3AlSzEwotVpk581vJUfBDFsa6IgjhTlx4WGoXb2pzVMXzftyLfXyrfeDazmAq3
2SpfnDkOlSOYzE310GM5gwRAlhw8c454WQm/6UV69XZIPIbAlDsc2NfRQHzSz0fI
5Or51DaoHXfhJZxpXajPCRoEeHGVl5l/G1E8CiUu06Mg1HK5VYAQpj5WLoJcsnfI
DUBP42X1l3qOEumKMUIAWplGXqJ9tOIk1qdeuQIDAQABAoIBAFuG8LnFv92bUnRt
KNG6j8jNcx5ttQuk0Yvt3ilrdL5yqEIEk1Wa9IV3aCuAKwhBqPIB5muw9xngLzs6
ydSx1Bu0gzrm40HWrTybiBQfE0EzjVxUTCWl1qtIJIYEKgGjYh2/7LEwSqt6LnIn
DldJvNiG5Yb7YTFskN/xWktdE+OIzJ3emJW9JwAMHbT4HZkhMg4YAqMa0xi48/s4
eq/oBRs6Ukn1YSi9Mae9f3ZQ4wGnWbpDbBVE/ViLKrd6jCWEK+D8LMxWoHBbfF4F
cmG52ByEjYYaNhpYbjV3ScjFOfs1OcGB/AWIpmxXhys+P7aaeTyRJeIRGMRzBXE3
yu91Kp0CgYEA/BLVqM4nhjsZgjQRBHrLViQXYldzro3L+oI9nFe6vxjZhqZeNfHc
lYD7KkdknCf8wknpmMuC+zsQdfiCytwSOFa0Pm/5MaPmL8UzgtCfg6tQovKxtBUm
a12+tpRgK1zvKivz9Vhbaa0QANW6ZEwORk00dIY09E+3MAsrFpP0IOsCgYEAw6i7
4Blxf4qWTfBMK+9QQsinfwjrqcYbg6Uwvne0C+EXyXwyIpIc/SVtjgLwYWJyxBkn
T0fUGICPeLXwMqloohtJ3UQ4wI1jxMsCEtPbJ0s/YtYEkp9kLWzJbI2OICi2eJ06
GROgHtSuL1eheEi7106vKMIGBVT3X+GqZGUVtesCgYEAmkY0ueGiUwbsr8GKAMHe
nNPt8+QuCtEB3EnFx1/yDW76AuzjkAR8yotsLQ4Qx3m5undeHoO/oF8fzfPQqLNT
+2MlYWlKjFURVn9M7W0dk4pQCcqbc+nV37Q6OqhIy4FPZvILl0cCe4TN3JTyRNw/
iEtMJVzWIAiBx0eukVzv9w0CgYBu8wDOfD8TDthai9f11ffSVww8CifwlslFZmf0
qdZsIhEmDQo09lv/5LhyHhKHdpcTwhu7ZkTMPCKfVbRGVjBiNE03bpcsAUFA98lO
Odp9NrtT5X6kUkQxSg4SQ1cDv3JxhN7MF4fl076OVAfZOI1j81d6KkPVxC+erE2+
LmAYTwKBgAZtrPmLR6jW1PsNDrRW4krw2oXZoM6sBehL0ZUwsKUkbn+ksvWgDAP1
NjxUvJ77VlCkUG5ftfl4RD+Ttd6bC8zLEqZBCV9owyCerQ5dwfU+4mAdRaY7nsry
Jx+kwbiQpcFImLnrXtO/J47UzivrAc52M5u5wAw009j0YngCPT5R
-----END RSA PRIVATE KEY-----
Robert's certificate:
Jennings, et al. Expires July 18, 2011 [Page 70]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN CERTIFICATE-----
MIIEMDCCAxigAwIBAgIHSQIRAYQBXTANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQG
EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAM
BgNVBAoTBXNpcGl0MSAwHgYDVQQLExdUZXN0IENBIGZvciBleGFtcGxlLm5ldDEU
MBIGA1UEAxMLZXhhbXBsZS5uZXQwIBcNMTAxMjA3MDE1ODQ4WhgPMjExMDExMTMw
MTU4NDhaMGIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYD
VQQHEwhTYW4gSm9zZTEOMAwGA1UEChMFc2lwaXQxGzAZBgNVBAMUEnJvYmVydEBl
eGFtcGxlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMl0M/Li
LroND8kIF1abUMKf6Wivv74T9Ndo72fVd1PZ+GSSCGtkTqDq/xZWlt3hlJ11qTXp
gieQQoAfdSeQwm9FPT1Z2i8SFu/lH+N/+CDqKxtaCP1Toe0pihP+J3cU1hT5juPj
2kmw5vGE07CCWHmdjaVEUhmS3todqc3WOQEpAtlRMdXB0pDcWBHD+9oh+4pxGKaG
en0hKYO8R4njfgyp8NxNUv1rl2nschz3249CyFQXbhIJ4pbNx+ZDfWVQfQYXTs9g
gVQtB7Ufca567lUvyebkYuuJpRXuYjGtyMBI1t4EgYhyrmB9baSVAKoXP8zg/8JZ
jCxAG4s9HuI5KpcCAwEAAaOBzTCByjBRBgNVHREESjBIhhZzaXA6cm9iZXJ0QGV4
YW1wbGUubmV0hhVpbTpyb2JlcnRAZXhhbXBsZS5uZXSGF3ByZXM6cm9iZXJ0QGV4
YW1wbGUubmV0MAkGA1UdEwQCMAAwHQYDVR0OBBYEFB+dqtqiDNLf2KBcz83K5C8x
DE/TMB8GA1UdIwQYMBaAFI9l9NYFmLIPNF9IicyB3qXB6KSyMAsGA1UdDwQEAwIF
4DAdBgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAxQwDQYJKoZIhvcNAQEFBQAD
ggEBAEb0+qB46mbahz+3xfRNOFr8BXhvaguBsQm1eZ6hBdErsEub9P+5GsMV5YuD
jQBZsbykGj/hbDt4Zqq4c2BNpmsiTCYZqXH8wAQL0kICEu0/KXROiOZG4MBGYSfp
ZqPl5uRVDgNMmlX5SfauD42RHvzkXY1Rj8gHeuwEOI9TFD1x/wy2nsGkOn8v04Tg
avGCISMgEOeQlEpHs1qgnmaalztzjxhDN4zCc8ukvobWdwxRZQNBywOY8CsvXetk
5FI37F//qRa/16NDyqyGzlZ+NfCf9PR3eM4EFXu4lQwEUvWcmCCdGASV8hXl9jFu
uRtkqcSsO+nypyQbTjD8Z8yXZV0=
-----END CERTIFICATE-----
Robert's private key:
Jennings, et al. Expires July 18, 2011 [Page 71]
Internet-Draft SIP Secure Call Flows January 2011
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAyXQz8uIuug0PyQgXVptQwp/paK+/vhP012jvZ9V3U9n4ZJII
a2ROoOr/FlaW3eGUnXWpNemCJ5BCgB91J5DCb0U9PVnaLxIW7+Uf43/4IOorG1oI
/VOh7SmKE/4ndxTWFPmO4+PaSbDm8YTTsIJYeZ2NpURSGZLe2h2pzdY5ASkC2VEx
1cHSkNxYEcP72iH7inEYpoZ6fSEpg7xHieN+DKnw3E1S/WuXaexyHPfbj0LIVBdu
Egnils3H5kN9ZVB9BhdOz2CBVC0HtR9xrnruVS/J5uRi64mlFe5iMa3IwEjW3gSB
iHKuYH1tpJUAqhc/zOD/wlmMLEAbiz0e4jkqlwIDAQABAoIBACcWcO3zjPV0i1eK
Rlz7jdP1iyhQ0XdkD+Gr7qfK93hBlryMyS1tLQR0FEKVUniCyH800TwwrpxWlVCe
yfB/WfqVCKjawkbXz7OEVYei0NYyGWMZOR1OGOEXaj8u1SF53X/8XAlDsJsTw/ug
tiJNaDVQqKckdnmX0b2oe8YAhtb+cdpAQeILHzn5Zbi/6pE1dSFRYA7krVK3Llv8
oLUJtlHJIXXdyajsBFxpT+i34PonkUDM8Gv51Or95L3z2nrBKG6IK/QvAdDnbcnK
s2IPmxaE4Dmql3+NbqOYkyaYpaPl5jot0fYuzE8WiUbnLklsPiZhnpUqOm9UOMof
RWDa76ECgYEA75U44AL7amX/yuUAugXp642I8UI05MzWE1r+uc49MqsPikr1emr2
MWq+2jejUl7hA8B1UwaND6YQxJ7IsN/Gw9e1uo/hUM0BXAmj8wvLfC7U2F2RoelV
xCxtJm8ltWv1mT7wzphYbddE3MF/WEYGMeQBPp8ZGsi5YthqCFBW2t0CgYEA10Ie
rb2TaCU2RCw/H6mJ1RDT1T9XYN/LggDmNOBnAxOpor4h0ifiuvIZSzEcnXD0bBGJ
HgGJh4yVuGQOKEWGcCXp3R6ARtYQPJi1nNF+I6wdH3eM3z5/7xB/FZsoPesA0Tp+
9cbGsaP6yxSFFdEhu3npE4r0wRSiqZevbJJcYgMCgYEAkeYHmrN2M9clrINErAQJ
7b5lVLaCy4rKG0Ngt/oWXpK5hfgcAY69ml5tFyqmtPS+hrBfQk5M/OiecX5YrQ25
V243ZwNTrQcK+ueMBeh65IcIazKgCz+zUSHU3oD1L8Qs7kPcFZPE1i8v6leTm0gZ
Yax97YqpmRv/eWhdOe7i1akCgYEAzJEvqpmBHvZOThdmneZ28J+fUQdzOMM2GgRU
wmeIPipPijP63Ee/dz5gv06bDRytjI5Vqsh3NPRrzOJ5edgo3SeKyvMToT4KDCxs
W+3TXH9S5fatT/OLjVw2Cgh8A+vzyOM4iMYxSdy2mIyVtZgb4JkI4eOqmlvMAjP/
KMUnOpUCgYA7Ah+UVDuxnW1znWnYcvo/CnSkpAFf9XPQzr/fFY8oAXTsEJdRzS1A
eXPplLGDPQLAR426MLBbGXgSgMp3SqEPHH5nn8hH6WUsnNvQDOeEIJKmGXhU/xQ3
QEA9FUXAvpAO1iSPESE/oPvwWv2DWieiUwDoX9F8scoF1j8ChBX33A==
-----END RSA PRIVATE KEY-----
Jennings, et al. Expires July 18, 2011 [Page 72]
Internet-Draft SIP Secure Call Flows January 2011
Appendix C. Message Dumps
This section contains a base64 encoded gzipped, compressed tar file
of various CMS messages used in this document. Saving the data in a
file foo.tgz.b64 then running a command like "openssl base64 -d -in
foo.tgz.b64 | tar xfz -" would recover the CMS messages and allow
them to be used as test vectors.
-- BEGIN MESSAGE ARCHIVE --
H4sIAOaV/UwCA+ycCVgTV9fHCQgIQl1wRYsBrZUlODOZJQFRg2E3CUsAEwXN
MiEJ2UyCLK6AoqLVqmVTK1DBomjFDZWq4IJbQRHRun9IUXErVoG6Ud5QW0UK
4vd+0FY+Lg/PJHdmztwM99zf/5wzQSDXkDRyiRwnyTVhjkKeVq/zGwAAKAwT
m7cYiryzbW4QDENEEIQxjAxCGIwQARBGAESPCOj9DS1Co+WpdUPhqyU8xXuO
62j/689CfLP9SBrDLSCA5uFG1EhUTuERckm4chIexZOrZLijAtcSA7x8x0GO
gLlpkITn9Oe7cezJvkSQqnvlCDlCTiACAKAzX81TCMQuMVSxB8z3IQkpGALH
kMggzgchhIoJyFQeCCAkkET6c5+zWqVUa10QChnEzE0ZvCiSu1IdyVMLNU5E
THdJttKJOL7tcU0wN3VXK+V/7BfJIkSi6Df7BUr5BGctL8wFFeh+ABQ0N53M
k8lIXnQnIovNAFgeQTIW3YvMgbxABuQv5Ur9wxlSsYThwYhkSjkQ18NdzPLw
ctSdFoDPciJSYIxM/OM+mZvSBAJcpXUiyiNkWomKp9aO00jCFLjQgajFo7Tj
VDKeROFA5KlUMomAp5UoFeNU4QINRmr2sXf7NUKVQwszPJkWVyt0u2bjuisr
FVpcoSWxo1X4X6/lzFdGKIQ8dbQLovMkmE9GBCJQJAQAgbNcZ10W5qIR80Bn
lVqpVQqUMhebvw6n2RBPG6HGbd5ebAquCNOKdTe/+e6bm5JIra23HtfbT9xi
j24eaES4muSmECiFEkWYE5EvUejG2mzSE5fJlNYfYvo9I3ZW8OS4y++LlqMK
07w9ky7RqJQaSfM5OgNaLU8gluv6ncU8hVCmG4mLGp8VIVHr7p9IIsPbs/Le
DwDEESqMTOwSPBN+NScY62fEEYp1XUf0CQTQBDA2MrT/xEDfEujz9hACGEf4
RnfIRt0hwDxABfYBTIwMAnsZWegHBoAWQP/mN70tfp+iEpFSrZDwwP5A3+Ze
Y4veATwF0VupwcFPALPmLnNTC0PdjJdoQVvg8+aOPhbEgOb3RDau0RIn42qt
RNR823AiLUIrVqol2mh9E73kTYuGMGsTGW9HaP5mhASCoV6vOIJe38R1hx/n
rF/tcsT7Nv/IyxCJiok+G18cc9FIyreSOQ4xH796L/Vk7LnIfTxnx5TZRU4p
g76FnCdE5zamVDrS7i5vIA67NXyfpmrwMzqBwVFcG+71wnP+4WSItWaCPXp+
jD22nlB6kvoi25aW/ejQ01nX4rike07ldwr7PaXtkBLjKiS+L1VXl246trq4
31mXhYHfrUizYucbTTgj/PJFFWtz3qQJmV+X18wtnCRRLNyhUTgsuLGpd5P/
LzQ/RgLMHXFpzfglp8xN/aEvtja4DZ+eIb0rtLIdsCjAx7GP+pPQaet8vH9r
EE6ISpy2wa2I33SnYdlnepphPpW9y+t/g8o9Hv7C0M4d09asJJHMTfW6dZPj
Gg0vDCdpZRqSGteoukICdMB/AMaAVvxHIAjs4f/f0f5AOhHSjZnl05rzUwI+
lPN8AR8ToBREhFAQFKO2w3nkLdU1bWDdCdHR+jW7yQifotOBopag17RB+tej
en0OXzdtAD4Kt+A9l+4HcqVMMUPqF8WVcmUcKTOcKw2M5ki9xQw6DWGwaVEc
qb+YIXd7w3uYDFDe8r41HH9HY/dZFVr4fxep/479H4PB1vofQsg9/v836/92
PbK9KKALVof2o4D214t/fIn4J0KCtqT3n0sU2lJqd/D3Vyjx8AiSoEuzAB3H
/+TW/Eehnvi/O8T/IEWAoEIyiCIQhuoUddueD4FdEv8LEQDEqAivZfxP50As
Oi2KyxbEcOliMVPqLmZ6uJFZdAHMifHXxf1BUoZUEMNh0z6K+B8HACoAQlQ+
hAkpQqiT4//W1jsx/u/IdE/83/nxv9/74v+hkrLyb58ZL+XjMxZed517Y0+8
Pt9sBnlB4Cj6Ot+zE8uC2J+FVni65m/+PCbB3NTM4LnKy+7eyIOlg1hfSkbj
/rbQiJB+B441kg6NsM7nrd8T8mIVTfDDjQR6PsAKMuaGF94R2vMezPspZbf3
uN3MfffoU71W5pqb4nXq/vU3E2sGF5y8k7l28/75qU94WRL+6a2DPGrmXJq+
JR5mzS0J4Cv3L00zSSkZC9yOUxkcrHmwetStCXqjVlCqFdkSjeW8PargIell
M65eOWjTKK/eXrGrYVD6LpunQy2SDHwZEtJGopy4c4f+hbW5524GX/s0L3WY
wtX1K8lQcLYlarX26fywnJWpm4HItqZlt08AvOb/a/bjCoE6WqXFhZ2sADri
Jennings, et al. Expires July 18, 2011 [Page 73]
Internet-Draft SIP Secure Call Flows January 2011
P0RGW/Ffh3+4h//dgP8oWQRjVDKG8UUiRASL2uE/1DX5fxFMxagwtQX/GWwd
53WCnikPhDhQkJQrZ0BMdpBO9AciDJ024Ehp0Qw2B2HGhL/hPxlCgX+K//8H
pH0Q0TqCbrMt59erg1Z3iAuumI3LlCpcSNItEbx3SSz/q5JAUOQ1NfXBt0g0
yIjTt9F1WekT9HR0TNPRMUn38p+mo38bUDy4av78suFHK5KS0JtrC79KFy1O
P5d5pzEtfYvj1Spzrb9BYqVeZCFnwznrTwe6ThSrf7W3cixRGHDmHY2XTRY3
ns98+tztyOPHnOgXuN4sxgnPvqXWtw4eGjTswb4EKMry0XIRYpE/NepQYeUW
m8NoL/7IHXF2sphLD2kUO9ES0k+/1d1eYrcjtH8tbLOcNuPU0HqakfeR8m0N
6DerZl+/tmf6tMW+0dt9FTNig2cbTh2cHM34PqAGq/r6sSWn7uqtIoddBQn8
ELPRd40NFl6Mf75o+5Fdl0YifVieoRULZq148PMjpzkyi/M0n+JeFw+cGU0t
uH//QsYaa2iC1a57lpnz6/SfA4K1wNwWSgb41MhkZoInATfoRdDv1W9P3eIL
zuq6VxuzlxJv9ho7eqFv9qnhx6/3HmhduzeN51VZX1tUUtWXEFww9Mx0rcrk
+U7XWdXjwlz2vQhW6/VLnjltZupsrzlnnm6NOer58nam8ZLl876/lodmeQ2K
V4aHld/YtaK8u+fe/23876onADqO/7HW8T+A9OT/uwP/EQpO0YX9uEhIEQlE
ELkd/gNdwn+yCAOE8DvxP1cqlnE93KVMtqsu9mcgXDZXypF7RTGDGTBXzonh
0jkgR+qm0wh+H0n9H4cpFERI0bkOyIOhTor/4T/r/+9a79T6//tN/3vj/8vv
xv+ndV3FzfF/s3R5HV0b6rXOAGTpDsr4V2QAWoyxJwfQdg6g9dTs1jmAlvxv
9rA/kwCdKQQ64D8Zg1rn/1EM6Kn/dQf+A6BQAFIRKi5CKRQIFrTDf3KX8J8P
omSUh6It+M+k+0VxpH6RXDYnkkHnyrh0GsSgM2AO5B7OlLpFcj38ZVwpM5wh
Z7zhPwLD1H8r/1EBINT5FhlFQSoFQTon/w/CCPJaALQ232UJg67Oc3wkOQhm
G1COBgfVLUktHvOwait08vbc6Id213+JWr/nleu0OHrpd8RFX9soVHBlwMmz
MaFZ349ztc0cOl277zDxsTh0/hivmkFU4s/JcgnqicQbpv14OWLPEiZd2ZsR
Vro3p9FzovLMLeWkgmoDr/Qsl7yJg+J3HbPNnfokEDxrJlxQEToRfRVOf9jk
Y/ci5Gpj8dizgl0JkRHr9heX1R/9bciJH8sWVOTt+SqrTJV+6dCK4TkuWzd4
lU+Mbai5OSV3SNDMPnyz/IPDEzUy1HvUnfqfcgbXxAXjdvkVqz6zXZMxccPT
UVtme5tXr1xSe2rReDBEcfyu5STj+tq6qQsRh9q63WMsqNNz4zML7tAWvC8H
0bs+cLrsofqiu9R8o3CIr91CXwj+xXGAkeryuG/K+Ul5Tg3TjE8JI4ITbVzL
113mqDycnl3CLHv7SM8uJVVPNeGmlvibzTu9LXPP2szPjI+VK03SCaqjW8/v
vVarm/1nr6V+/1j737lBj1jtjMdV3ytWl8nEpymPrTY0fteXfZFDoVxdgyaZ
2O9H9u6ckEH6Ar0+D158d/+veWPt4sj0iCxKU/B5D58Fa5ZJl24sceu/anhs
nicxoGSNw9BPSo4VlabSpxdCA7T9hw0JG5g82Td24YKx/mPOhKw5MnKm3iiH
AxHVP66bH2oFnG+0p6wHCB7f5c4+Z+AgbRx2/0CyGpz8fLlSWySo+PqQ/5lS
Qnia3sRMV0lohuXNmUlTHmGJoYVmKueLX4aNDGi6lLITc/UbVPRNFHRzXuDW
rIEmO7ZUrLx+FCxm2S2GBrDvqh0epzw7tKXK3LSm6KDs2goe41HBiKxn5XGM
9FcHfoRDvXc1zFxfdXz9HYvFL9uamf9rrdq1lZ8Prf+0zP+gzfkfkIz16L/u
UP8BqGQyGaOCwubnfNvTfyCla+o/ECLA+Qj/Hf3HgblSbymDLpNx2TSYxWY2
P/Al1mlCMlPuBnKkXjEsejjC9GD01H/+f9V/2tJeFr1EQ4dcHL3ZIWz1moyR
r/JtZpncLbqy+6V50ecl1ZWZTa9KduyJHbzrx2MBUV6cGzcWXTtYfbHySlnR
7VuhqeMdiXMOOuk5b1s6a7X7k688yq4YNgx/ej96n8Q65UalMCQHCDpcOClF
MzUMP9wQcLqofDfPOMX1BzGWUn0st5+JKOCe+mSWyMzEaMAtr7ADky71KfCf
d2zjPsDPh/bDjB0PczK2SpoAo+VZo27/amiYUH92+5ymghD3KY6/yedWWcdE
YP3mmzPiNtJ3wrllnJxnA6WHXPAJ4ZjjM/YcD69xgXNqZjseWjnR6kpCkqXh
Q0t+ct+gpPVjSqsSL8XWjlhz/kksHL9iYu37tNdz1tE1XtCDLZXZ23JrCSHZ
C32THge4DDWJBMq32VuZm/rde1ANLT8j+aLgtrtgQxpCVF34Ocba59i9gNt5
88ask07vr+Sod6+2Sk1qkCyj3bGZNu5B/YZZtt9bEVI2Jj+gJn5z4lVPAajL
25vKDylSzNOSwpRa0uv1rBOVQEfPf4MA0or/KAb28P9vaZ2S0O9xo4/f/7vs
2x8fUv9FW/k/GSNDPf7fDfQ/BcRhEUamIBQBGaEgwnb0P9ol+h+DeSCIgkDL
579iXGUsDwbAjAmPZLHdohgQI5rhofuNCSSzghkxXI9AgANxQAY77KOo/2Ii
vogMAny+SEARYKCgc+u/ra13Yv23I9M9KbV/IKXW8x3wNmZm934EvGsrvx9a
Jennings, et al. Expires July 18, 2011 [Page 74]
Internet-Draft SIP Secure Call Flows January 2011
/wVb5/8QtKf+2y3yf1QBDAoADMZFZIoIa+f7XyC1S/hPQWAMQRFyy/yfPEjK
kbrp+M8UM6WCGAbdLZrrwSBzghkIU+4v5QT7RXEgbxmH7fVR1H/Jzf8riQ/i
KAJTABjld3L9t7X5nvrv35+D1F46be8pSLEPOjq7yez88QdXfrnpXv8JFjvz
mUF/atrM+nTiM1pA8knfKU3ytIya/P25KaXKb4dN3VLm8OT4gWW2RaL6poV+
JaMjZuZUhOydIre/WZydk/1innW/7LtmqWEiT+PaG6vEdv3l7sz8zAzxz37y
2OB7n6dG7L7du2Tz1bmRFdcHR/FObt55Lhk9ffnzbSMvZOwYuRMffqq2YMOp
7T53tr4KMFhxVH9kIfE75V1nTJ66yeJ83aa6dYcr8yPq86clZNxqWLnWx4vA
py2ZM2CnW/wJHj275nzpZvshe099dmHD0f3L+YMd6nzVDcdY9mSAk1Jow0ZH
sfoZ8crynymJhUt793lfDnKW8/3KkN/KQuX3t/U5EO6UttCXdpe7c9vjzQfT
/VnxF4tlo7yGEKO+Pq35ocQzkffAnVThbSD1Bu/96j+NsBmmHAi7cSgqgCPg
ujnq+w3NezI5krWMed/67qumuY1xtDEnLiK2/50X9GjVLteq8791aeQbLju0
qNdd2a0NA768OCoQZ18OBmauHZj4OO32vlj7tIHeeYZZ17iNT+yrnk6eb4s9
7T07acTkvNQ7JrFjk17+T2PpDtVVY+uwtP7HD1wirJOVTE0nbaZfUF+Ynux8
q6ruS1C0aZ9oeKOj7dRPhw4qeDSmYmf2s7A6GHK7n2uzfZ/ooIud8Yja+LCv
dt/MflHv17i8+HGC0fFHL1/egp76HKW9WtVYurFp/acmK6qfu/XFr5+I35S8
crm4evdE8sMRRg9Q61FTPHIdMh9YYoSojSkhOU0L8neRc/QJPxU/qhlrJr2S
Mee+R9B/2rljG4CgAICClQ2MoKCRSNSi0xiBWvJVejsYgNIo5lBZwAYMYAK5
m+HVr1qTLZ7qZe9C2aTnMc531OdF1g7XV5j/3xUBAAAAAAAAAAAArwcJE6fh
AHgAAA==
-- END MESSAGE ARCHIVE --
Jennings, et al. Expires July 18, 2011 [Page 75]
Internet-Draft SIP Secure Call Flows January 2011
Authors' Addresses
Cullen Jennings
Cisco Systems
170 West Tasman Drive
Mailstop SJC-21/2
San Jose, CA 95134
USA
Phone: +1 408 421 9990
Email: fluffy@cisco.com
Kumiko Ono
Columbia University
Email: kumiko@cs.columbia.edu
Robert Sparks
Tekelec
17210 Campbell Road
Suite 250
Dallas, TX 75252
USA
Email: rjsparks@estacado.net
Brian Hibbard (editor)
Tekelec
17210 Campbell Road
Suite 250
Dallas, TX 75252
USA
Email: brian@estacado.net
Jennings, et al. Expires July 18, 2011 [Page 76]
