RFC

TOC

Network Working Group	C. Jennings
INTERNET DRAFT	Cisco Systems
<draft-jennings-sip-sec-flows-00>	October 2003
Category: Standards Track
Expires: April 2004

Example call flows using SIP security mechanisms

draft-jennings-sip-sec-flows-00

Abstract

This document shows call flows demonstrating the use of SIPS, TLS, and S/MIME in SIP. This draft provides information that helps implementors build interoperable SIP software. It is purely informational. To help facilitate interoperability testing, it includes certificates used in the example call flows and a CA certificate to create certificates for testing.

Warning - this is a very early draft of this document. The call flows in it have not been verified against multiple versions of the software and have reasonable odds of being wrong.

RFC

TOC

1 Conventions
2 Introduction
3 Security Considerations
4 CA Certificates
5 Host Certificate
6 Callflow with Message over TLS
7 Callflow with TLS with Mutual Authentication
8 User Certificates
9 Callflow with Signed Message
10 Callflow with Encrypted Message
11 Callflow with Signed and Encrypted Message
12 Callflow with SRTP keying material in the SDP
13 Callflow with secure REFER
14 Test Notes
15 Making Test Certificates
16 makeCA script
17 makeCert script
18 Certificates for testing
19 Message Dumps
20 Open Issues
21 Still To Do
22 Acknowledgments
§ Normative References
§ Informative References
§ Author's Address
§ Full Copyright Statement

TOC

1 Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [1].

TOC

2 Introduction

Several different groups are starting to implement the S/MIME portion of SIP. Over the last several interoperability events, it has become clear that it is difficult to write these systems without any test vectors or examples of "known good" messages to test against. Furthermore, testing at the events is often hampered by trying to get certificates signed by some common test root into the appropriate format for various clients. This document addresses both of these issues by providing detailed messages that give detailed examples that implemetors can use for comparison and that can also be used for testing. In addition, this document provides a common certificate that can be used for a CA to reduce the time it takes to set up a test at an interoperability event. The document also provides some hints and clarifications for implementors.

A simple SIP call flow using SIPS and TLS is shown in section 6. The certificates for the hosts used are shown in section 5 and the CA certificates used to sign these are shown in section 4.

The text from section 9 through section 11 shows some simple SIP call flows using S/MIME to sign and encrypt the body of the message. The user certificates used in these examples are shown in section 8 and are signed with the same CA certs.

A way to make certificates that can be used for interoperability testing is presented in section 15, along with methods for converting these to various formats.

In section 14, a partial list of things implementators should check that they do in order to implement a secure system is presented.

Binary copies of various messages in this draft that can be used for testing appear in section 19.

TOC

3 Security Considerations

Implementators must never use any of the certificates provided in this document in anything but a test environment. Installing the CA root certificates used in this document as a trusted root in operational software would completely destroy the security of the system while giving the user the impression that the system was operating securely.

This document recommends some things that implementors might test or verify to improve the security of their implementations. It is impossible to make a comprehensive list of these and this document only suggests some of the top mistakes that have been seen at the SIPit interoperability events. Just because an implementation does everything this document recommends does not make it secure.

TOC

4 CA Certificates

The certificate used by the CA to sign the other certificates is shown below. This is a X509v3 certificate. Note that the basic constraints allow it to be used as a CA.

Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=sipit, 
        OU=Sipit Test Certificate Authority
Validity
    Not Before: Jul 18 12:21:52 2003 GMT
    Not After : Jul 15 12:21:52 2013 GMT
Subject: C=US, ST=California, L=San Jose, O=sipit, 
        OU=Sipit Test Certificate Authority
Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (1024 bit)
        Modulus (1024 bit):
            00:c3:22:1e:83:91:c5:03:2c:3c:8a:f4:11:14:c6:
            4b:9d:fa:72:78:c6:b0:95:18:a7:e0:8c:79:ba:5d:
            a4:ae:1e:21:2d:9d:f1:0b:1c:cf:bd:5b:29:b3:90:
            13:73:66:92:6e:df:4c:b3:b3:1c:1f:2a:82:0a:ba:
            07:4d:52:b0:f8:37:7b:e2:0a:27:30:70:dd:f9:2e:
            03:ff:2a:76:cd:df:87:1a:bd:71:eb:e1:99:6a:c4:
            7f:8e:74:a0:77:85:04:e9:41:ad:fc:03:b6:17:75:
            aa:33:ea:0a:16:d9:fb:79:32:2e:f8:cf:4d:c6:34:
            a3:ff:1b:d0:68:28:e1:9d:e5
        Exponent: 65537 (0x10001)
X509v3 extensions:
  X509v3 Subject Key Identifier: 
    6B:46:17:14:EA:94:76:25:80:54:6E:13:54:DA:A1:E3:54:14:A1:B6
  X509v3 Authority Key Identifier: 
    6B:46:17:14:EA:94:76:25:80:54:6E:13:54:DA:A1:E3:54:14:A1:B6
    DirName:/C=US/ST=California/L=San Jose/O=sipit/
             OU=Sipit Test Certificate Authority
    serial:00
  X509v3 Basic Constraints: 
    CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
 96:6d:1b:ef:d5:91:93:45:7c:5b:1f:cf:c4:aa:47:52:0b:34:
 a8:50:fa:ec:fa:b4:2a:47:4c:5d:41:a7:3d:c0:d6:3f:9e:56:
 5b:91:1d:ce:a8:07:b3:1b:a4:9f:9a:49:6f:7f:e0:ce:83:94:
 71:42:af:fe:63:a2:34:dc:b4:5e:a5:ce:ca:79:50:e9:6a:99:
 4c:14:69:e9:7c:ab:22:6c:44:cc:8a:9c:33:6b:23:50:42:05:
 1f:e1:c2:81:88:5f:ba:e5:47:bb:85:9b:83:25:ad:84:32:ff:
 2a:5b:8b:70:12:11:83:61:c9:69:15:4f:58:a3:3c:92:d4:e8:
 6f:52

The ASN.1 parse of the CA certificate is shown below.

    0:l= 804 cons: SEQUENCE          
    4:l= 653 cons:  SEQUENCE          
    8:l=   3 cons:   cont [ 0 ]        
   10:l=   1 prim:    INTEGER           :02
   13:l=   1 prim:   INTEGER           :00
   16:l=  13 cons:   SEQUENCE          
   18:l=   9 prim:    OBJECT            :sha1WithRSAEncryption
   29:l=   0 prim:    NULL              
   31:l= 112 cons:   SEQUENCE          
   33:l=  11 cons:    SET               
   35:l=   9 cons:     SEQUENCE          
   37:l=   3 prim:      OBJECT            :countryName
   42:l=   2 prim:      PRINTABLESTRING   :US
   46:l=  19 cons:    SET               
   48:l=  17 cons:     SEQUENCE          
   50:l=   3 prim:      OBJECT            :stateOrProvinceName
   55:l=  10 prim:      PRINTABLESTRING   :California
   67:l=  17 cons:    SET               
   69:l=  15 cons:     SEQUENCE          
   71:l=   3 prim:      OBJECT            :localityName
   76:l=   8 prim:      PRINTABLESTRING   :San Jose
   86:l=  14 cons:    SET               
   88:l=  12 cons:     SEQUENCE          
   90:l=   3 prim:      OBJECT            :organizationName
   95:l=   5 prim:      PRINTABLESTRING   :sipit
  102:l=  41 cons:    SET               
  104:l=  39 cons:     SEQUENCE          
  106:l=   3 prim:      OBJECT            :organizationalUnitName
  111:l=  32 prim:      PRINTABLESTRING   :
                        Sipit Test Certificate Authority
  145:l=  30 cons:   SEQUENCE          
  147:l=  13 prim:    UTCTIME           :030718122152Z
  162:l=  13 prim:    UTCTIME           :130715122152Z
  177:l= 112 cons:   SEQUENCE          
  179:l=  11 cons:    SET               
  181:l=   9 cons:     SEQUENCE          
  183:l=   3 prim:      OBJECT            :countryName
  188:l=   2 prim:      PRINTABLESTRING   :US
  192:l=  19 cons:    SET               
  194:l=  17 cons:     SEQUENCE          
  196:l=   3 prim:      OBJECT            :stateOrProvinceName
  201:l=  10 prim:      PRINTABLESTRING   :California
  213:l=  17 cons:    SET               
  215:l=  15 cons:     SEQUENCE          
  217:l=   3 prim:      OBJECT            :localityName
  222:l=   8 prim:      PRINTABLESTRING   :San Jose
  232:l=  14 cons:    SET               
  234:l=  12 cons:     SEQUENCE          
  236:l=   3 prim:      OBJECT            :organizationName
  241:l=   5 prim:      PRINTABLESTRING   :sipit
  248:l=  41 cons:    SET               
  250:l=  39 cons:     SEQUENCE          
  252:l=   3 prim:      OBJECT            :organizationalUnitName
  257:l=  32 prim:      PRINTABLESTRING   :
                        Sipit Test Certificate Authority
  291:l= 159 cons:   SEQUENCE          
  294:l=  13 cons:    SEQUENCE          
  296:l=   9 prim:     OBJECT            :rsaEncryption
  307:l=   0 prim:     NULL              
  309:l= 141 prim:    BIT STRING        
00 30 81 89 02 81 81 00-c3 22 1e 83 91 c5 03 2c   .0.......".....,
3c 8a f4 11 14 c6 4b 9d-fa 72 78 c6 b0 95 18 a7   <.....K..rx.....
e0 8c 79 ba 5d a4 ae 1e-21 2d 9d f1 0b 1c cf bd   ..y.]...!-......
5b 29 b3 90 13 73 66 92-6e df 4c b3 b3 1c 1f 2a   [)...sf.n.L....*
82 0a ba 07 4d 52 b0 f8-37 7b e2 0a 27 30 70 dd   ....MR..7{..'0p.
f9 2e 03 ff 2a 76 cd df-87 1a bd 71 eb e1 99 6a   ....*v.....q...j
c4 7f 8e 74 a0 77 85 04-e9 41 ad fc 03 b6 17 75   ...t.w...A.....u
aa 33 ea 0a 16 d9 fb 79-32 2e f8 cf 4d c6 34 a3   .3.....y2...M.4.
ff 1b d0 68 28 e1 9d e5-02 03 01 00 01            ...h(........
  453:l= 205 cons:   cont [ 3 ]        
  456:l= 202 cons:    SEQUENCE          
  459:l=  29 cons:     SEQUENCE          
  461:l=   3 prim:      OBJECT    :X509v3 Subject Key Identifier
  466:l=  22 prim:      OCTET STRING      
04 14 6b 46 17 14 ea 94-76 25 80 54 6e 13 54 da   ..kF....v%.Tn.T.
a1 e3 54 14 a1 b6                                 ..T...
  490:l= 154 cons:     SEQUENCE          
  493:l=   3 prim:      OBJECT    :X509v3 Authority Key Identifier
  498:l= 146 prim:      OCTET STRING      
30 81 8f 80 14 6b 46 17-14 ea 94 76 25 80 54 6e   0....kF....v%.Tn
13 54 da a1 e3 54 14 a1-b6 a1 74 a4 72 30 70 31   .T...T....t.r0p1
0b 30 09 06 03 55 04 06-13 02 55 53 31 13 30 11   .0...U....US1.0.
06 03 55 04 08 13 0a 43-61 6c 69 66 6f 72 6e 69   ..U....Californi
61 31 11 30 0f 06 03 55-04 07 13 08 53 61 6e 20   a1.0...U....San 
4a 6f 73 65 31 0e 30 0c-06 03 55 04 0a 13 05 73   Jose1.0...U....s
69 70 69 74 31 29 30 27-06 03 55 04 0b 13 20 53   ipit1)0'..U... S
69 70 69 74 20 54 65 73-74 20 43 65 72 74 69 66   ipit Test Certif
69 63 61 74 65 20 41 75-74 68 6f 72 69 74 79 82   icate Authority.
01                                                .
      0092 - <SPACES/NULS>
  647:l=  12 cons:     SEQUENCE          
  649:l=   3 prim:      OBJECT            :X509v3 Basic Constraints
  654:l=   5 prim:      OCTET STRING      
30 03 01 01 ff                                    0....
  661:l=  13 cons:  SEQUENCE          
  663:l=   9 prim:   OBJECT            :sha1WithRSAEncryption
  674:l=   0 prim:   NULL              
  676:l= 129 prim:  BIT STRING        
00 96 6d 1b ef d5 91 93-45 7c 5b 1f cf c4 aa 47   ..m.....E|[....G
52 0b 34 a8 50 fa ec fa-b4 2a 47 4c 5d 41 a7 3d   R.4.P....*GL]A.=
c0 d6 3f 9e 56 5b 91 1d-ce a8 07 b3 1b a4 9f 9a   ..?.V[..........
49 6f 7f e0 ce 83 94 71-42 af fe 63 a2 34 dc b4   Io.....qB..c.4..
5e a5 ce ca 79 50 e9 6a-99 4c 14 69 e9 7c ab 22   ^...yP.j.L.i.|."
6c 44 cc 8a 9c 33 6b 23-50 42 05 1f e1 c2 81 88   lD...3k#PB......
5f ba e5 47 bb 85 9b 83-25 ad 84 32 ff 2a 5b 8b   _..G....%..2.*[.
70 12 11 83 61 c9 69 15-4f 58 a3 3c 92 d4 e8 6f   p...a.i.OX.<...o
52                                                R

TOC

5 Host Certificate

The certificate for the host b.example.com is shown below. Note that the Subject Alternative Name is set to b.example.com and is a DNS type.

 Data:
     Version: 3 (0x2)
     Serial Number: 1 (0x1)
     Signature Algorithm: sha1WithRSAEncryption
     Issuer: C=US, ST=California, L=San Jose, O=sipit, 
             OU=Sipit Test Certificate Authority
     Validity
         Not Before: Jul 20 20:46:16 2003 GMT
         Not After : Jul 19 20:46:16 2004 GMT
     Subject: C=US, ST=California, L=San Jose, O=sipit, 
              CN=b.example.com
     Subject Public Key Info:
         Public Key Algorithm: rsaEncryption
         RSA Public Key: (1024 bit)
             Modulus (1024 bit):
                 00:e2:85:18:89:7b:67:2a:b8:67:ac:a5:f9:4e:42:
                 58:04:d8:3a:ae:bb:f6:87:c4:57:2e:5d:79:5f:15:
                 fb:32:7b:00:b1:10:64:19:2a:ed:3e:d9:19:7f:bd:
                 f4:aa:bd:94:b5:d3:19:9e:f2:b8:8c:56:28:dc:3d:
                 08:6e:29:2d:17:e5:b0:bb:da:2a:af:f8:e2:95:ce:
                 87:2f:da:9e:bc:bf:00:90:53:1f:47:c6:52:7f:f6:
                 0e:dc:af:cb:57:2a:7b:17:46:69:db:b1:62:e9:b3:
                 e3:aa:74:6b:bc:d5:65:bc:db:ea:1d:15:2b:1b:22:
                 bc:7b:23:6e:74:9f:01:62:b9
             Exponent: 65537 (0x10001)
     X509v3 extensions:
         X509v3 Subject Alternative Name: 
              DNS:b.example.com
         X509v3 Basic Constraints: 
              CA:FALSE
         X509v3 Subject Key Identifier: 
              62:8E:28:DB:A2:BF:79:75:17:E1:48
              FA:FE:10:61:A2:56:EF:63:74
         X509v3 Authority Key Identifier: 
               keyid:6B:46:17:14:EA:94:76:25:80:54:6E
                     13:54:DA:A1:E3:54:14:A1:B6
         DirName:/C=US/ST=California/L=San Jose/O=sipit/
                 OU=Sipit Test Certificate Authority
         serial:00
  Signature Algorithm: sha1WithRSAEncryption
     57:e2:12:67:d1:ca:d9:1c:8e:38:8f:83:f4:62:c2:9c:54:b1:
     69:7e:32:29:d6:14:67:81:69:c4:11:95:07:af:2c:b0:61:67:
     6a:17:6d:47:ea:ed:cd:43:ab:fb:a5:b8:25:84:44:9b:59:5a:
     b8:9f:12:bb:7a:df:7b:84:ef:f7:3d:1c:3f:35:4b:41:0a:91:
     62:49:1a:e4:92:0f:d5:79:00:01:33:7d:dd:1c:f0:1c:dc:95:
     96:e8:d4:e5:59:d8:64:39:80:ca:08:1d:a4:c4:bd:52:fe:83:
     24:ee:82:b2:3c:53:4d:58:b5:bf:2e:7d:59:a3:df:78:38:0b:
     75:c4

TOC

6 Callflow with Message over TLS

The flow below shows the edited SSLDump output of the host a.example.com forming a TLS connection to b.example.com. In this example mutual authentication is not used. Note that the client proposed three protocol suites including the required TLS_RSA_WITH_AES_128_CBC_SHA. The certificate returned by the server contains a Subject Alternative Name that is set to b.example.com. A detailed discussion of TLS can be found in [9].

New TCP connection #1: a.example.com(5071) <-> b.example.com(5081)
1 1  0.0015 (0.0015)  C>SV3.1(49)  Handshake
      ClientHello
        Version 3.1 
        random[32]=
          3f 1d 41 76 31 6f af f1 42 fa 7b 57 c7 79 49 2b 
          d4 21 9c be e9 8b 85 83 56 4b 36 cb f2 99 ef b2 
        cipher suites
        TLS_RSA_WITH_AES_256_CBC_SHA
        TLS_RSA_WITH_AES_128_CBC_SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        compression methods
                  NULL
1 2  0.4307 (0.4292)  S>CV3.1(74)  Handshake
      ServerHello
        Version 3.1 
        random[32]=
          3f 1d 41 77 92 f5 55 a3 97 69 cf b5 7a 0a 3c 00 
          bc 0c 59 91 1c 6b 2b 4a 0e 98 40 21 a9 b5 4b 6f 
        session_id[32]=
          10 3c 8c aa 75 d8 62 0b c3 5b ad 24 c1 7f 4f 80 
          25 b7 1c 40 a3 3c e1 85 0d b5 29 d3 15 40 51 d3 
        cipherSuite         TLS_RSA_WITH_AES_256_CBC_SHA
        compressionMethod                   NULL
1 3  0.4307 (0.0000)  S>CV3.1(822)  Handshake
      Certificate
        Subject
          C=US
          ST=California
          L=San Jose
          O=sipit
          CN=b.example.com
        Issuer
          C=US
          ST=California
          L=San Jose
          O=sipit
          OU=Sipit Test Certificate Authority
        Serial         01 
        Extensions
          Extension: X509v3 Subject Alternative Name
          Extension: X509v3 Basic Constraints
          Extension: X509v3 Subject Key Identifier
          Extension: X509v3 Authority Key Identifier
1 4  0.4307 (0.0000)  S>CV3.1(4)  Handshake
      ServerHelloDone
1 5  0.4594 (0.0286)  C>SV3.1(134)  Handshake
      ClientKeyExchange
1 6  0.5498 (0.0903)  C>SV3.1(1)  ChangeCipherSpec
1 7  0.5498 (0.0000)  C>SV3.1(48)  Handshake
1 8  0.5505 (0.0007)  S>CV3.1(1)  ChangeCipherSpec
1 9  0.5505 (0.0000)  S>CV3.1(48)  Handshake

Once the TLS session is set up, the following MESSAGE message is sent from a.example.com to b.example.com. Note that the URI has a SIPS URL and that the VIA indicates that TLS was used.

MESSAGE sips:bob@b.example.com:5081 SIP/2.0
To: <sips:bob@b.example.com:5081>
From: <sip:alice@example.com>;tag=2639484b
Via: SIP/2.0/TLS b.example.com:5071;
     branch=z9hG4bK-c87542-240491824-1-c87542-
Call-ID: 7ba3572175b0f542
CSeq: 1 MESSAGE
Contact: <sips:alice@a.example.com:5071>
Max-Forwards: 70
Content-Type: text/plain
User-Agent: SIPimp.org/0.2.1 (curses)
Content-Length: 2

Hi

The response is sent from b.example.com to a.example.com over the same TLS connections. It is shown below.

SIP/2.0 200 OK
To: <sips:bob@b.example.com:5081>;tag=514db9e7
From: <sip:alice@example.com>;tag=2639484b
Via: SIP/2.0/UDP b.example.com;
     branch=z9hG4bK-c87542-240491824-1-c87542-;received=127.0.0.1
Call-ID: 7ba3572175b0f542
CSeq: 1 MESSAGE
Contact: <sips:bob@b.example.com:5081>
Content-Length: 0

TOC

7 Callflow with TLS with Mutual Authentication

TOC

8 User Certificates

Alice's certificate is shown below. Note that it has a Subject Alternative Name of type email and is set to alice@a.example.com. In this example a.example.com is the domain for Alice, the message could be coming from a host called host1.a.example.com, and the AOR in the user certificate would still be the same.

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=California, L=San Jose, O=sipit, 
                OU=Sipit Test Certificate Authority
        Validity
            Not Before: Jul 20 14:29:54 2003 GMT
            Not After : Jul 19 14:29:54 2004 GMT
        Subject: C=US, ST=California, L=San Jose, O=sipit, 
                 CN=alice@a.example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:f0:9f:91:9a:6d:6f:81:b9:9d:67:db:5f:be:95:
                    3a:29:8a:cc:73:dd:b9:7a:33:c8:f9:52:dd:99:13:
                    04:2b:f1:9b:c2:f5:93:72:7a:9b:e1:97:fc:c2:d2:
                    96:d0:76:db:b5:0e:47:b1:59:74:59:5b:b0:73:ad:
                    c8:64:bd:59:1c:67:1a:82:2f:c2:cf:53:87:d3:2b:
                    5a:dc:e6:3c:8c:27:a0:ab:6e:7f:4d:86:dd:2b:9b:
                    e3:69:3b:f0:aa:1b:ad:f2:ab:1e:44:46:b2:8a:ab:
                    85:2c:81:13:03:98:06:65:57:0c:ff:c3:4f:02:cb:
                    ed:79:e5:81:19:c7:02:e2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                email:alice@a.example.com
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Key Identifier: 
  DE:0C:46:FC:B7:4C:CE:6B:73:99:22:C2:3D:A9:DE:53:EC:BF:69:66
            X509v3 Authority Key Identifier: 
  keyid:6B:46:17:14:EA:94:76:25:80:54:6E:13:54:DA:A1:E3:54:14:A1:B6
                DirName:/C=US/ST=California/L=San Jose/O=sipit/
                        OU=Sipit Test Certificate Authority
                serial:00
    Signature Algorithm: sha1WithRSAEncryption
        95:2c:fb:26:83:35:4a:3c:da:20:be:74:1a:1f:80:7f:27:61:
        dc:27:f1:a9:7b:2e:a7:24:31:1f:f7:c9:77:cd:0f:bf:02:9b:
        8d:d5:35:42:6d:90:60:30:4c:6b:f4:7f:11:4d:a0:3f:1e:9c:
        d2:2b:e0:4b:4f:fc:fa:37:43:68:e2:d8:32:29:bd:6e:22:e6:
        ef:0e:97:b0:d9:92:49:ae:46:95:38:ab:a5:11:de:fa:dc:1b:
        ae:30:6b:48:2c:a3:c5:26:71:a6:23:58:a2:d2:57:4a:b1:ae:
        d8:45:c6:9a:71:8b:01:e9:ac:95:5e:9a:2c:67:ae:c3:5d:2b:
        7c:9d

Alice's private key is shown below.

    0: 604 cons: SEQUENCE          
    4:   1 prim:  INTEGER           :00
    7: 129 prim:  INTEGER           :
F09F919A6D6F81B99D67DB5FBE953A298ACC73DDB97A33C8F952DD9913042BF19B
C2F593727A9BE197FCC2D296D076DBB50E47B15974595BB073ADC864BD591C671A
822FC2CF5387D32B5ADCE63C8C27A0AB6E7F4D86DD2B9BE3693BF0AA1BADF2AB1E
4446B28AAB852C811303980665570CFFC34F02CBED79E58119C702E21B
  139:   3 prim:  INTEGER           :010001
  144: 128 prim:  INTEGER           :
4764C0F9D5E090D7F6E91AC0E4B638249D471E55BA3394EBDB7607C3E44D87904F
4BE03B586B229723D65E23C795A0BE7D90F81A99D518B248BF79DF8C6C55E4B135
6249D82F9B18C37525FA05D3562399E4912BC902FA92CF12D7AE653C3C0D851A4B
B3DF35E8722006460FC076E02D012D3CF233D1934100FEC7EAC72DE989
  275:  65 prim:  INTEGER           :
FA5A76D62011E3A219B4D89CF2A392FF57A55BC4E1092EC67030E31ABEDC591485
C284250BC0195C33A92920B340B2636EBB880C3DC6E2748A6045A07FCC2E97
  342:  65 prim:  INTEGER           :
F60CEC61DB985C1AE0F927E831AADA2E1DF889D135E91A49B662B8094CF140075A
9C782DF6A28F538D2C51CC4910CB02B159894FB597D17A3FB69DDD37099D1D
  409:  64 prim:  INTEGER           :
53E735A495A2E9334E823986801B2A0CC186FDB681E4DDF44B6D56EF83BFBD6B0F
591D887CE3A89C2A042B707622DCA64E5A33424701FCAB2A2511B0B4A3ED89
  475:  65 prim:  INTEGER           :
CBD8F91E39E888A65C2D103AF6AB2E07771D2A5101F115AE6C446D64873278719F
4872E8E1A4DC49C4742B70AC3815792DA598754965764F69E9C9F03460EAA1
  542:  64 prim:  INTEGER           :
021CFC8DEC23F4B82BE937CD45B819AE8C5777BFF14C74F719FFBBF3EB567A563A
9B2256EC3563E764B269DC34BFEC772BE443484D974B8FF07C52D9BF95DC24

Bob's certificate is shown below. Bob is in the domain b.example.com.

    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=California, L=San Jose, O=sipit, 
                OU=Sipit Test Certificate Authority
        Validity
            Not Before: Jul 20 14:30:06 2003 GMT
            Not After : Jul 19 14:30:06 2004 GMT
        Subject: C=US, ST=California, L=San Jose, O=sipit, 
                 CN=bob@b.example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b0:ef:02:43:fd:59:28:0b:d3:59:ff:e6:66:3a:
                    a7:30:b0:e5:11:54:c0:d7:e9:8a:51:a7:2b:30:94:
                    98:ef:bb:f9:8a:95:a6:ca:5e:e3:7a:af:a2:2a:f9:
                    b4:5e:b0:8a:e1:ab:0d:c4:67:9b:2f:10:b1:c8:71:
                    28:0b:0d:36:75:46:30:f9:17:39:d0:c8:e2:14:ac:
                    ec:bb:ba:3d:d1:a7:50:13:83:3e:d3:75:67:87:ef:
                    36:a5:5d:b3:23:71:29:15:94:e8:50:3c:f8:7b:a7:
                    0c:ce:f0:be:92:6b:d8:03:c3:e6:fb:25:78:ea:5c:
                    18:76:36:06:ba:2e:78:cf:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                email:bob@b.example.com
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Key Identifier: 
  B5:B2:6C:07:9B:79:19:9B:64:FB:9F:37:F7:7A:60:BC:1D:40:25:DA
            X509v3 Authority Key Identifier: 
  keyid:6B:46:17:14:EA:94:76:25:80:54:6E:13:54:DA:A1:E3:54:14:A1:B6
                DirName:/C=US/ST=California/L=San Jose/O=sipit/
                        OU=Sipit Test Certificate Authority
                serial:00
    Signature Algorithm: sha1WithRSAEncryption
        9c:99:39:e7:19:59:96:06:46:74:b5:b7:98:1a:cc:f5:a3:e6:
        55:6c:3c:e9:b0:7a:a3:0a:1a:ea:32:c9:51:e5:da:7e:ac:24:
        1b:cb:b4:7d:ae:b5:70:ba:26:0f:34:81:d6:7d:e5:c6:76:11:
        44:7f:26:90:ff:0a:9f:6a:8e:d2:f8:34:7b:7d:21:66:53:9d:
        1b:1c:74:d5:72:95:8d:76:fe:68:88:f2:c4:79:d2:df:d0:7a:
        4e:6c:e7:2d:f0:1f:7e:03:7a:14:21:56:6c:f0:cb:04:c8:c2:
        63:0d:24:52:1f:e4:b8:aa:21:65:0f:75:e3:76:9b:35:48:0f:
        b4:ab

Bob's private key is shown below.

    0: 605 cons: SEQUENCE          
    4:   1 prim:  INTEGER           :00
    7: 129 prim:  INTEGER           :
B0EF0243FD59280BD359FFE6663AA730B0E51154C0D7E98A51A72B309498EFBBF9
8A95A6CA5EE37AAFA22AF9B45EB08AE1AB0DC4679B2F10B1C871280B0D36754630
F91739D0C8E214ACECBBBA3DD1A75013833ED3756787EF36A55DB32371291594E8
503CF87BA70CCEF0BE926BD803C3E6FB2578EA5C18763606BA2E78CF3D
  139:   3 prim:  INTEGER           :010001
  144: 128 prim:  INTEGER           :
06B0A2D74B4709BA98BD386DCFC3BBFA9D55ABF8166A938C05565ACDB570AAEFE2
9998DAFB9FE6DE06B20D09F005FC8AE3C981F5C12D1EF474A46D92E40815DCFD36
860631EF92CB2F30AB746A0CF80428CC544C51A04F08AF1773E53F88FC4031DF32
68B82476A1875DBB9212AAA6373AF6600F37053B3417E957D7D9633D49
  275:  65 prim:  INTEGER           :
DB1765DB11C76D7CC0A50E60CFA66025EC971C0F6D797D2166B7578F8DC1401E87
B3D448135B2FB74ABD3EEDB41B0EE538D587A88D08D018C2971C298F88971F
  342:  65 prim:  INTEGER           :
CEBD8090AAD98D86986FBB1E38C1CB0FAA1951D625A9333BF4F52E53AE2405878B
AB54179A1964F02BEF17B2E25F922BDA097E7B282ADF8AD8DEC962012D1A23
  409:  64 prim:  INTEGER           :
3EF3CF298E473E577D4730057344FC158990B5D85CFD6E8DFD64AAFD2D9F1C9C69
23ABD875EF5A9B91172590C99288CA26757C805ADDF0655CEC6C8428A0F7C3
  475:  65 prim:  INTEGER           :
9D23529623162AC9341230C29ED745D5C92F6791829CA1B19FD5BFF9A0B20675E9
46372B9D5851ED6F2752F707B326B2280EF15100CDDD8D769B97ABE342F9CB
  542:  65 prim:  INTEGER           :
84D65C4EBCC1B95AA42AA2AD2ECDDC58809316CC4793A889C24828E04F386B1277
8DA68B57E7891E6780D5FD1A028B207D7C7D9AE40CDD9F9059BDEB2EF098BF

TOC

9 Callflow with Signed Message

Example Signed Message. The value on the Content-Type line has been broken across lines to fit on the page but it should not be.

MESSAGE sip:bob@b.example.com SIP/2.0
To: <sip:bob@b.example.com>
From: <sip:alice@a.example.com>;tag=1b2f5769
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-730075406-1--c87542-;rport
Call-ID: 22b4f26d6be23a0e
CSeq: 1 MESSAGE
Contact: <sip:alice@a.example.com:5070>
Max-Forwards: 70
Content-Type: multipart/signed;boundary=65b6563f5e8ef632;\
              micalg=sha1;protocol=application/pkcs7-signature
User-Agent: SIPimp.org/0.2.2 (curses)
Content-Length: 1653

--65b6563f5e8ef632
Content-Type: text/plain
Content-Transfer-Encoding: binary

Hi
--65b6563f5e8ef632
Content-Type: application/pkcs7-signature;name=smime.p7s
Content-Disposition: attachment;handling=required;filename=smime.p7s
Content-Transfer-Encoding: binary

*******************
* BINARY BLOB 1   *
*******************
--65b6563f5e8ef632--

It is important to note that the data the signature is computed across includes the header and is:

Content-Type: text/plain
Content-Transfer-Encoding: binary

Hi

The response follows. The Via line has been split across lines for formatting but it should not be.

SIP/2.0 200 OK
To: <sip:bob@b.example.com>;tag=6b167ed8
From: <sip:alice@a.example.com>;tag=1b2f5769
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-730075406-1--c87542-;\
     rport=5070;received=127.0.0.1
Call-ID: 22b4f26d6be23a0e
CSeq: 1 MESSAGE
Contact: <sip:bob@b.example.com:5060>
Content-Length: 0

ASN.1 parse of binary blob 1. Note that at address 30, the hash for the signature is specified as sha1.

    0: SEQUENCE          
    4:  OBJECT            :pkcs7-signedData
   15:  cont [ 0 ]        
   19:   SEQUENCE          
   23:    INTEGER           :01
   26:    SET               
   28:     SEQUENCE          
   30:      OBJECT            :sha1
   37:      NULL              
   39:    SEQUENCE          
   41:     OBJECT            :pkcs7-data
   52:    cont [ 0 ]        
   56:     SEQUENCE          
   60:      SEQUENCE          
   64:       cont [ 0 ]        
   66:        INTEGER           :02
   69:       INTEGER           :55018102490073
   78:       SEQUENCE          
   80:        OBJECT            :sha1WithRSAEncryption
   91:        NULL              
   93:       SEQUENCE          
   95:        SET               
   97:         SEQUENCE          
   99:          OBJECT            :countryName
  104:          PRINTABLESTRING   :US
  108:        SET               
  110:         SEQUENCE          
  112:          OBJECT            :stateOrProvinceName
  117:          PRINTABLESTRING   :California
  129:        SET               
  131:         SEQUENCE          
  133:          OBJECT            :localityName
  138:          PRINTABLESTRING   :San Jose
  148:        SET               
  150:         SEQUENCE          
  152:          OBJECT            :organizationName
  157:          PRINTABLESTRING   :sipit
  164:        SET               
  166:         SEQUENCE          
  168:          OBJECT            :organizationalUnitName
  173:          PRINTABLESTRING   :Sipit Test Certificate Authority
  207:       SEQUENCE          
  209:        UTCTIME           :031014202459Z
  224:        UTCTIME           :061013202459Z
  239:       SEQUENCE          
  241:        SET               
  243:         SEQUENCE          
  245:          OBJECT            :countryName
  250:          PRINTABLESTRING   :US
  254:        SET               
  256:         SEQUENCE          
  258:          OBJECT            :stateOrProvinceName
  263:          PRINTABLESTRING   :California
  275:        SET               
  277:         SEQUENCE          
  279:          OBJECT            :localityName
  284:          PRINTABLESTRING   :San Jose
  294:        SET               
  296:         SEQUENCE          
  298:          OBJECT            :organizationName
  303:          PRINTABLESTRING   :sipit
  310:        SET               
  312:         SEQUENCE          
  314:          OBJECT            :commonName
  319:          T61STRING         :alice@a.example.com
  340:       SEQUENCE          
  343:        SEQUENCE          
  345:         OBJECT            :rsaEncryption
  356:         NULL              
  358:        BIT STRING        
  502:       cont [ 3 ]        
  505:        SEQUENCE          
  508:         SEQUENCE          
  510:          OBJECT            :X509v3 Subject Alternative Name
  515:          OCTET STRING      
  540:         SEQUENCE          
  542:          OBJECT            :X509v3 Basic Constraints
  547:          OCTET STRING      
  551:         SEQUENCE          
  553:          OBJECT            :X509v3 Subject Key Identifier
  558:          OCTET STRING      
  582:         SEQUENCE          
  585:          OBJECT            :X509v3 Authority Key Identifier
  590:          OCTET STRING      
  739:      SEQUENCE          
  741:       OBJECT            :sha1WithRSAEncryption
  752:       NULL              
  754:      BIT STRING        
  886:    SET               
  890:     SEQUENCE          
  894:      INTEGER           :01
  897:      SEQUENCE          
  899:       SEQUENCE          
  901:        SET               
  903:         SEQUENCE          
  905:          OBJECT            :countryName
  910:          PRINTABLESTRING   :US
  914:        SET               
  916:         SEQUENCE          
  918:          OBJECT            :stateOrProvinceName
  923:          PRINTABLESTRING   :California
  935:        SET               
  937:         SEQUENCE          
  939:          OBJECT            :localityName
  944:          PRINTABLESTRING   :San Jose
  954:        SET               
  956:         SEQUENCE          
  958:          OBJECT            :organizationName
  963:          PRINTABLESTRING   :sipit
  970:        SET               
  972:         SEQUENCE          
  974:          OBJECT            :organizationalUnitName
  979:          PRINTABLESTRING   :Sipit Test Certificate Authority
 1013:       INTEGER           :55018102490073
 1022:      SEQUENCE          
 1024:       OBJECT            :sha1
 1031:       NULL              
 1033:      cont [ 0 ]        
 1036:       SEQUENCE          
 1038:        OBJECT            :contentType
 1049:        SET               
 1051:         OBJECT            :pkcs7-data
 1062:       SEQUENCE          
 1064:        OBJECT            :signingTime
 1075:        SET               
 1077:         UTCTIME           :031015000907Z
 1092:       SEQUENCE          
 1094:        OBJECT            :messageDigest
 1105:        SET               
 1107:         OCTET STRING      
 1129:       SEQUENCE          
 1131:        OBJECT            :S/MIME Capabilities
 1142:        SET               
 1144:         SEQUENCE          
 1146:          SEQUENCE          
 1148:           OBJECT            :des-ede3-cbc
 1158:          SEQUENCE          
 1160:           OBJECT            :rc2-cbc
 1170:           INTEGER           :80
 1174:          SEQUENCE          
 1176:           OBJECT            :rc2-cbc
 1186:           INTEGER           :40
 1189:          SEQUENCE          
 1191:           OBJECT            :des-cbc
 1198:          SEQUENCE          
 1200:           OBJECT            :rc2-cbc
 1210:           INTEGER           :28
 1213:      SEQUENCE          
 1215:       OBJECT            :rsaEncryption
 1226:       NULL              
 1228:      OCTET STRING

TOC

10 Callflow with Encrypted Message

Example encrypted message:

MESSAGE sip:bob@b.example.com SIP/2.0
To: <sip:bob@b.example.com>
From: <sip:alice@a.example.com>;tag=4bba1f0d
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-558422834-1--c87542-;rport
Call-ID: 132bb895019d4536
CSeq: 1 MESSAGE
Contact: <sip:alice@a.example.com:5070>
Max-Forwards: 70
Content-Disposition: attachment;handling=required;filename=smime.p7
Content-Type: 
    application/pkcs7-mime;smime-type=enveloped-data;name=smime.p7m
User-Agent: SIPimp.org/0.2.2 (curses)
Content-Length: 385

*****************
* BINARY BLOB 2 *
*****************

The Response. The Via is split across lines for formatting but is not split in the real message.

SIP/2.0 200 OK
To: <sip:bob@b.example.com>;tag=330805f5
From: <sip:alice@a.example.com>;tag=4bba1f0d
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-558422834-1--c87542-;\
     rport=5070;received=127.0.0.1
Call-ID: 132bb895019d4536
CSeq: 1 MESSAGE
Contact: <sip:bob@b.example.com:5060>
Content-Length: 0

ASN.1 parse of Binary Blob 2. Note that at address 323, the encryption is set to des-ebe3-cbc.

    0: SEQUENCE          
    4:  OBJECT            :pkcs7-envelopedData
   15:  cont [ 0 ]        
   19:   SEQUENCE          
   23:    INTEGER           :00
   26:    SET               
   30:     SEQUENCE          
   34:      INTEGER           :00
   37:      SEQUENCE          
   39:       SEQUENCE          
   41:        SET               
   43:         SEQUENCE          
   45:          OBJECT            :countryName
   50:          PRINTABLESTRING   :US
   54:        SET               
   56:         SEQUENCE          
   58:          OBJECT            :stateOrProvinceName
   63:          PRINTABLESTRING   :California
   75:        SET               
   77:         SEQUENCE          
   79:          OBJECT            :localityName
   84:          PRINTABLESTRING   :San Jose
   94:        SET               
   96:         SEQUENCE          
   98:          OBJECT            :organizationName
  103:          PRINTABLESTRING   :sipit
  110:        SET               
  112:         SEQUENCE          
  114:          OBJECT            :organizationalUnitName
  119:          PRINTABLESTRING   :Sipit Test Certificate Authority
  153:       INTEGER           :55018102490072
  162:      SEQUENCE          
  164:       OBJECT            :rsaEncryption
  175:       NULL              
  177:      OCTET STRING      
  308:    SEQUENCE          
  310:     OBJECT            :pkcs7-data
  321:     SEQUENCE          
  323:      OBJECT            :des-ede3-cbc
  333:      OCTET STRING      
  343:     cont [ 0 ]

TOC

11 Callflow with Signed and Encrypted Message

Example Signed and Encrypted Message

In the example below, one of the headers is contained in a box and is split across two lines. This was only done to make it fit in the RFC format. This header should not have the box around it and should be on one line with no whitespace between the "mime;" and the "smime-type". Note that Content-Type is split across lines for formatting but is not in the real message.

MESSAGE sip:bob@b.example.com SIP/2.0
To: <sip:bob@b.example.com>
From: <sip:alice@a.example.com>;tag=1d8673a3
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-488884104-1--c87542-;rport
Call-ID: 450c8b112715a732
CSeq: 1 MESSAGE
Contact: <sip:alice@a.example.com:5070>
Max-Forwards: 70
Content-Type: multipart/signed;boundary=75b3d73b4e24d3f6;\
              micalg=sha1;protocol=application/pkcs7-signature
User-Agent: SIPimp.org/0.2.2 (curses)
Content-Length: 2158

--75b3d73b4e24d3f6
|---See note about stuff in this box---------------------|
|Content-Type: application/pkcs7-mime;                   |
|              smime-type=enveloped-data;name=smime.p7m  |
|--------------------------------------------------------|
Content-Disposition: attachment;handling=required;filename=smime.p7
Content-Transfer-Encoding: binary

*****************
* BINARY BLOB 3 * 
*****************
--75b3d73b4e24d3f6
Content-Type: application/pkcs7-signature;name=smime.p7s
Content-Disposition: attachment;handling=required;filename=smime.p7s
Content-Transfer-Encoding: binary

*****************
* BINARY BLOB 4 *
*****************
--75b3d73b4e24d3f6--

Response back. Note that the Via is split across lines for formatting.

SIP/2.0 200 OK
To: <sip:bob@b.example.com>;tag=40d7131b
From: <sip:alice@a.example.com>;tag=1d8673a3
Via: SIP/2.0/UDP 
     127.0.0.1:5070;branch=z9hG4bK-c87542-488884104-1--c87542-;\
     rport=5070;received=127.0.0.1
Call-ID: 450c8b112715a732
CSeq: 1 MESSAGE
Contact: <sip:bob@b.example.com:5060>
Content-Length: 0

Binary blob 3

    0: SEQUENCE          
    4:  OBJECT            :pkcs7-envelopedData
   15:  cont [ 0 ]        
   19:   SEQUENCE          
   23:    INTEGER           :00
   26:    SET               
   30:     SEQUENCE          
   34:      INTEGER           :00
   37:      SEQUENCE          
   39:       SEQUENCE          
   41:        SET               
   43:         SEQUENCE          
   45:          OBJECT            :countryName
   50:          PRINTABLESTRING   :US
   54:        SET               
   56:         SEQUENCE          
   58:          OBJECT            :stateOrProvinceName
   63:          PRINTABLESTRING   :California
   75:        SET               
   77:         SEQUENCE          
   79:          OBJECT            :localityName
   84:          PRINTABLESTRING   :San Jose
   94:        SET               
   96:         SEQUENCE          
   98:          OBJECT            :organizationName
  103:          PRINTABLESTRING   :sipit
  110:        SET               
  112:         SEQUENCE          
  114:          OBJECT            :organizationalUnitName
  119:          PRINTABLESTRING   :Sipit Test Certificate Authority
  153:       INTEGER           :55018102490072
  162:      SEQUENCE          
  164:       OBJECT            :rsaEncryption
  175:       NULL              
  177:      OCTET STRING      
  308:    SEQUENCE          
  310:     OBJECT            :pkcs7-data
  321:     SEQUENCE          
  323:      OBJECT            :des-ede3-cbc
  333:      OCTET STRING      
  343:     cont [ 0 ]

Binary Blob 4

    0: SEQUENCE          
    4:  OBJECT            :pkcs7-signedData
   15:  cont [ 0 ]        
   19:   SEQUENCE          
   23:    INTEGER           :01
   26:    SET               
   28:     SEQUENCE          
   30:      OBJECT            :sha1
   37:      NULL              
   39:    SEQUENCE          
   41:     OBJECT            :pkcs7-data
   52:    cont [ 0 ]        
   56:     SEQUENCE          
   60:      SEQUENCE          
   64:       cont [ 0 ]        
   66:        INTEGER           :02
   69:       INTEGER           :55018102490073
   78:       SEQUENCE          
   80:        OBJECT            :sha1WithRSAEncryption
   91:        NULL              
   93:       SEQUENCE          
   95:        SET               
   97:         SEQUENCE          
   99:          OBJECT            :countryName
  104:          PRINTABLESTRING   :US
  108:        SET               
  110:         SEQUENCE          
  112:          OBJECT            :stateOrProvinceName
  117:          PRINTABLESTRING   :California
  129:        SET               
  131:         SEQUENCE          
  133:          OBJECT            :localityName
  138:          PRINTABLESTRING   :San Jose
  148:        SET               
  150:         SEQUENCE          
  152:          OBJECT            :organizationName
  157:          PRINTABLESTRING   :sipit
  164:        SET               
  166:         SEQUENCE          
  168:          OBJECT            :organizationalUnitName
  173:          PRINTABLESTRING   :Sipit Test Certificate Authority
  207:       SEQUENCE          
  209:        UTCTIME           :031014202459Z
  224:        UTCTIME           :061013202459Z
  239:       SEQUENCE          
  241:        SET               
  243:         SEQUENCE          
  245:          OBJECT            :countryName
  250:          PRINTABLESTRING   :US
  254:        SET               
  256:         SEQUENCE          
  258:          OBJECT            :stateOrProvinceName
  263:          PRINTABLESTRING   :California
  275:        SET               
  277:         SEQUENCE          
  279:          OBJECT            :localityName
  284:          PRINTABLESTRING   :San Jose
  294:        SET               
  296:         SEQUENCE          
  298:          OBJECT            :organizationName
  303:          PRINTABLESTRING   :sipit
  310:        SET               
  312:         SEQUENCE          
  314:          OBJECT            :commonName
  319:          T61STRING         :alice@a.example.com
  340:       SEQUENCE          
  343:        SEQUENCE          
  345:         OBJECT            :rsaEncryption
  356:         NULL              
  358:        BIT STRING        
  502:       cont [ 3 ]        
  505:        SEQUENCE          
  508:         SEQUENCE          
  510:          OBJECT            :X509v3 Subject Alternative Name
  515:          OCTET STRING      
  540:         SEQUENCE          
  542:          OBJECT            :X509v3 Basic Constraints
  547:          OCTET STRING      
  551:         SEQUENCE          
  553:          OBJECT            :X509v3 Subject Key Identifier
  558:          OCTET STRING      
  582:         SEQUENCE          
  585:          OBJECT            :X509v3 Authority Key Identifier
  590:          OCTET STRING      
  739:      SEQUENCE          
  741:       OBJECT            :sha1WithRSAEncryption
  752:       NULL              
  754:      BIT STRING        
  886:    SET               
  890:     SEQUENCE          
  894:      INTEGER           :01
  897:      SEQUENCE          
  899:       SEQUENCE          
  901:        SET               
  903:         SEQUENCE          
  905:          OBJECT            :countryName
  910:          PRINTABLESTRING   :US
  914:        SET               
  916:         SEQUENCE          
  918:          OBJECT            :stateOrProvinceName
  923:          PRINTABLESTRING   :California
  935:        SET               
  937:         SEQUENCE          
  939:          OBJECT            :localityName
  944:          PRINTABLESTRING   :San Jose
  954:        SET               
  956:         SEQUENCE          
  958:          OBJECT            :organizationName
  963:          PRINTABLESTRING   :sipit
  970:        SET               
  972:         SEQUENCE          
  974:          OBJECT            :organizationalUnitName
  979:          PRINTABLESTRING   :Sipit Test Certificate Authority
 1013:       INTEGER           :55018102490073
 1022:      SEQUENCE          
 1024:       OBJECT            :sha1
 1031:       NULL              
 1033:      cont [ 0 ]        
 1036:       SEQUENCE          
 1038:        OBJECT            :contentType
 1049:        SET               
 1051:         OBJECT            :pkcs7-data
 1062:       SEQUENCE          
 1064:        OBJECT            :signingTime
 1075:        SET               
 1077:         UTCTIME           :031015000922Z
 1092:       SEQUENCE          
 1094:        OBJECT            :messageDigest
 1105:        SET               
 1107:         OCTET STRING      
 1129:       SEQUENCE          
 1131:        OBJECT            :S/MIME Capabilities
 1142:        SET               
 1144:         SEQUENCE          
 1146:          SEQUENCE          
 1148:           OBJECT            :des-ede3-cbc
 1158:          SEQUENCE          
 1160:           OBJECT            :rc2-cbc
 1170:           INTEGER           :80
 1174:          SEQUENCE          
 1176:           OBJECT            :rc2-cbc
 1186:           INTEGER           :40
 1189:          SEQUENCE          
 1191:           OBJECT            :des-cbc
 1198:          SEQUENCE          
 1200:           OBJECT            :rc2-cbc
 1210:           INTEGER           :28
 1213:      SEQUENCE          
 1215:       OBJECT            :rsaEncryption
 1226:       NULL              
 1228:      OCTET STRING

TOC

12 Callflow with SRTP keying material in the SDP

Still TODO.

TOC

13 Callflow with secure REFER

Still TODO.

TOC

14 Test Notes

This section describes some common interoperability problems. Implementors should verify their clients do the correct things and perhaps make their clients forgiving in what they receive, or at least produce reasonable error messages with other software that does have these problems.

A common problem in interoperability is that some SIP clients do not support TLS and only do SSLv3. Check that the client does use TLS.

Many SIP clients were found to accept expired certificates with no warning or error.

TLS and S/MIME can provide the identity of the peer that a client is communicating with in the Subject Alternative Name in the certificate. The software must check that this name corresponds to the identity the server is trying to contact. If a client is trying to set up a TLS connection to good.example.com and it gets a TLS connection set up with a server that presents a valid certificate but with the name evil.example.com, it must generate an error or warning of some type. Similarly with S/MIME, if a user is trying to communicate with bob@b.example.com, the Subject Alternate Name field in the certificate must match the AOR for bob.

Some implementations used binary MIME encodings while others used base64. There is no reason not to use binary - check that your implementation sends binary and preferably receives both.

TOC

15 Making Test Certificates

These scripts allow you to make certificates for test purposes. The certificates will all share a common CA root so that everyone running these scripts can have interoperable certificates. WARNING - these certificates are totally insecure and are for test purposes only. All the CA created by this script share the same private key to facilitate interoperability testing, but this totally breaks the security since the private key of the CA is well known.

The instructions assume a Unix-like environment with openssl installed, but openssl does work in Windows too. Make sure you have openssl installed by trying to run "openssl". Run the makeCA script found in section 16; this creates a subdirectory called demoCA. If the makeCA script cannot find where your openssl is installed you will have to set an environment variable called OPENSSLDIR to whatever directory contains the file openssl.cnf. You can find this with a "locate openssl.cnf". You are not ready to make certificates.

To create certs for use with TLS, run the makeCert script found in section 17 with the fully qualified domain name of the proxy you are making the certificate for. For example, "makeCert host.example.net". This will generate a private key and a certificate. The private key will be left in a file named host.example.net_key.pem in pem format. The certificate will be in host.example.net_cert.pem. Some programs expect both the certificate and private key combined together in a PKCS12 format file. This is created by the script and left in a file named host.example.net.p12. Some programs expect this file to have a .pfx extension instead of .p12 - just rename the file if needed.

A second argument indicating the number of days for which the certificate should be valid can be passed to the makeCert script. It is possible to make an expired certificate using the command "makeCert host.example.net 0".

Anywhere that a password is used to protect a certificate, the password is set to the string "password".

The root certificate for the CA is in the file demoCA/cacert.pem and a PKCS#7 version of it is in demoCA/cacert.p7c.

For things that need DER format certificates, a certificate can be converted from PEM to DER with "openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER".

Some programs expect certificates in PKCS#7 format (with a file extension of .p7c). You can convert these from PEM format with to PKCS#7 with "openssl crl2pkcs7 -nocrl -certfile cert.pem -certfile demoCA/cacert.pem -outform DER -out cert.p7c"

IE, Outlook, and Netscape can import and export .p12 files and .p7c files. You can convert a pkcs7 certificate to PEM format with "openssl pkcs7 -in cert.p7c -inform DER -outform PEM -out cert.pem".

The private key can be converted to pkcs8 format with "openssl pkcs8 -in a_key.pem -topk8 -outform DER -out a_key.p8c"

In general, a TLS client will just need the root certificate of the CA. A TLS server will need its private key and its certificate. These could be in two PEM files or one .p12 file. An S/MIME program will need its private key and certificate, the root certificate of the CA, and the certificate for every other user it communicates with.

When validating a chain of certificates, make sure that the basic constraints on any non leaf node allow the certificate to be used for a CA. For example, if the domain example.com issues a certificate for alice@example.com, Alice should not be able to use this to sign a certificate for bob@example.com.

TOC

16 makeCA script

Appendix B - makeCA script

#!/bin/sh
#set -x

rm -rf demoCA

mkdir demoCA 
mkdir demoCA/certs 
mkdir demoCA/crl 
mkdir demoCA/newcerts
mkdir demoCA/private
#echo "01" > demoCA/serial
hexdump -n 4 -e '4/1 "%04d"' /dev/random > demoCA/serial
touch demoCA/index.txt
	    
# You may need to modify this for where your default file is
# you can find where yours in by typing "openssl ca"
CONF=${OPENSSLDIR:=/usr/local/ssl}/openssl.cnf
if [ ! -f $CONF  ]; then
    echo "Can not find file $CONF - set your OPENSSLDIR variable"
fi 
cp $CONF openssl.cnf

cat >> openssl.cnf  <<EOF
[ cj_cert ]
subjectAltName=\${ENV::ALTNAME}
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
EOF

cat > demoCA/private/cakey.pem <<EOF
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4B47A0A73ADE342E

aHmlPa+ZrOV6v+Jk0SClxzpxoG3j0ZuyoVkF9rzq2bZkzVBKLU6xhWwjMDqwA8dH
3fCRLhMGIUVnmymXYhTW9svI1gpFxMBQHJcKpV/SmgFn/fbYk98Smo2izHOniIiu
NOu2zr+bMiaBphOAZ/OCtVUxUOoBDKN9lR39UCDOgkEQzp9Vbw7l736yu5H9GMHP
JtGLJyx3RhS3TvLfLAJZhjm/wZ/9QM8GjyJEiDhMQRJVeIZGvv4Yr1u6yYHiHfjX
tX2eds8Luc83HbSvjAyjnkLtJsAZ/8cFzrd7pjFzbogLdWuil+kpkkf5h1uzh7oa
um0M1EXBE4tcDHsfg1iqEsDMIei/U+/rWfk1PrzYlklwZp8S03vulkDm1fT76W7d
mRBg4+CrHA6qYn6EPWB37OBtfEqAfINnIcI1dWzso9A0bTPD4EJO0JA0PcZ/2JgT
PaKySgooHQ8AHNQebelch6M5LFExpaOADJKrqauKcc2HeUxXaYIpac5/7drIl3io
UloqUnMlGa3eLP7BZIMsZKCfHZ8oqwU4g6mmmJath2gODRDx3mfhH6yaimDL7v4i
SAIIkrEHXfSyovrTJymfSfQtYxUraVZDqax6oj/eGllRxliGfMLYG9ceU+yU/8FN
LE7P+Cs19H5tHHzx1LlieaK43u/XvbXHlB5mqL/fZdkUIBJsjbBVx0HR8eQl2CH9
YJDMOPLADecwHoyKA0AY59oN9d41oF7yZtN9KwNdslROYH7mNJlqMMenhXCLN+Nz
vVU5/7/ugZFhZqfS46c1WdmSvuqpDp7TBtMeaH/PXjysBr0iZffOxQ==
-----END RSA PRIVATE KEY-----
EOF

cat > demoCA/cacert.pem <<EOF
-----BEGIN CERTIFICATE-----
MIIDJDCCAo2gAwIBAgIBADANBgkqhkiG9w0BAQUFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNVBAoT
BXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhvcml0
eTAeFw0wMzA3MTgxMjIxNTJaFw0xMzA3MTUxMjIxNTJaMHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDIh6DkcUDLDyK9BEUxkud
+nJ4xrCVGKfgjHm6XaSuHiEtnfELHM+9WymzkBNzZpJu30yzsxwfKoIKugdNUrD4
N3viCicwcN35LgP/KnbN34cavXHr4ZlqxH+OdKB3hQTpQa38A7YXdaoz6goW2ft5
Mi74z03GNKP/G9BoKOGd5QIDAQABo4HNMIHKMB0GA1UdDgQWBBRrRhcU6pR2JYBU
bhNU2qHjVBShtjCBmgYDVR0jBIGSMIGPgBRrRhcU6pR2JYBUbhNU2qHjVBShtqF0
pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcT
CFNhbiBKb3NlMQ4wDAYDVQQKEwVzaXBpdDEpMCcGA1UECxMgU2lwaXQgVGVzdCBD
ZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQUFAAOBgQCWbRvv1ZGTRXxbH8/EqkdSCzSoUPrs+rQqR0xdQac9wNY/nlZbkR3O
qAezG6Sfmklvf+DOg5RxQq/+Y6I03LRepc7KeVDpaplMFGnpfKsibETMipwzayNQ
QgUf4cKBiF+65Ue7hZuDJa2EMv8qW4twEhGDYclpFU9YozyS1OhvUg==
-----END CERTIFICATE-----
EOF


# uncomment the following lines to generate your own key pair 

#openssl req -newkey rsa:1024 -passin pass:password \
#    -passout pass:password \
#    -sha1 -x509 -keyout demoCA/private/cakey.pem \
#    -out demoCA/cacert.pem -days 3650 <<EOF
#US
#California
#San Jose
#sipit
#Sipit Test Certificate Authority
#
#
#EOF

openssl crl2pkcs7 -nocrl -certfile demoCA/cacert.pem \
        -outform DER -out demoCA/cacert.p7c

TOC

17 makeCert script

Appendix C - makeCert script

#!/bin/sh 
#set -x

if [  $# == 1  ]; then
  DAYS=1095
elif [ $# == 2 ]; then
  DAYS=$2
else
  echo "Usage: makeCert test.example.org [days]" 
  echo "       makeCert alice@example.org [days]"
  echo "days is how long the certifiace is valid"
  echo "days set to 0 generates an invalid certificate"
  exit 0
fi

ADDR=$1

echo "making cert for ${ADDR}"

rm -f ${ADDR}_*.pem
rm -f ${ADDR}.p12

case ${ADDR} in
*:*) TYPE="URI" ;;
*@*) TYPE="email" ;;
*)   TYPE="DNS" ;;
esac

rm -f demoCA/index.txt
touch demoCA/index.txt
rm -f demoCA/newcerts/*

#setenv ALTNAME "URI:${ADDR}"
#setenv ALTNAME "email:${ADDR}"
#setenv ALTNAME "DNS:${ADDR}"
ALTNAME="$TYPE:${ADDR}"
export ALTNAME


openssl genrsa  -out ${ADDR}_key.pem 1024 
openssl req -new -sha1 -key ${ADDR}_key.pem \
        -out ${ADDR}_req.pem -days ${DAYS} <<EOF
US
California
San Jose
sipit

${ADDR}



EOF

if [ $DAYS == 0 ]; then
openssl ca -extensions cj_cert -config openssl.cnf \
    -passin pass:password -policy policy_anything \
    -md sha1 -batch -notext -out ${ADDR}_cert.pem \
    -startdate 990101000000Z \
    -enddate 000101000000Z \
     -infiles ${ADDR}_req.pem
else
openssl ca -extensions cj_cert -config openssl.cnf \
    -passin pass:password -policy policy_anything \
    -md sha1 -days ${DAYS} -batch -notext \
    -out ${ADDR}_cert.pem \
    -infiles ${ADDR}_req.pem
fi


openssl pkcs12 -passin pass:password \
    -passout pass:password -export \
    -out ${ADDR}.p12 -in ${ADDR}_cert.pem \
    -inkey ${ADDR}_key.pem -name TheName \
    -certfile demoCA/cacert.pem

openssl x509 -in ${ADDR}_cert.pem -noout -text

TOC

18 Certificates for testing

This section contains various certificates used for testing in PEM format.

Alice's certificate.

Alice's private key

Bob's certificate

Bob's private key

Certificate for a.example.com.

Private key for a.example.com.

Certificate for b.example.com.

Private key for b.example.com.

TOC

19 Message Dumps

This section contains base64 encoded versions of the SIP messages in this draft. They can be encoded and used as test vectors, and they contain all the correct CRLF sequences. A command like "openssl base64 -d -in foo.b64 -out foo" will convert the base64 data to a SIP message that contains everything after the UDP header. This can be used with a net cat program like nc to send test messages to programs.

The following is the base64 of the signed message.

TUVTU0FHRSBzaXA6Ym9iQGIuZXhhbXBsZS5jb20gU0lQLzIuMA0KVG86IDxzaXA6
Ym9iQGIuZXhhbXBsZS5jb20+DQpGcm9tOiA8c2lwOmFsaWNlQGEuZXhhbXBsZS5j
b20+O3RhZz0xYjJmNTc2OQ0KVmlhOiBTSVAvMi4wL1VEUCAxMjcuMC4wLjE6NTA3
MDticmFuY2g9ejloRzRiSy1jODc1NDItNzMwMDc1NDA2LTEtLWM4NzU0Mi07cnBv
cnQNCkNhbGwtSUQ6IDIyYjRmMjZkNmJlMjNhMGUNCkNTZXE6IDEgTUVTU0FHRQ0K
Q29udGFjdDogPHNpcDphbGljZUBhLmV4YW1wbGUuY29tOjUwNzA+DQpNYXgtRm9y
d2FyZHM6IDcwDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWduZWQ7Ym91bmRh
cnk9NjViNjU2M2Y1ZThlZjYzMjttaWNhbGc9c2hhMTtwcm90b2NvbD1hcHBsaWNh
dGlvbi9wa2NzNy1zaWduYXR1cmUNClVzZXItQWdlbnQ6IFNJUGltcC5vcmcvMC4y
LjIgKGN1cnNlcykNCkNvbnRlbnQtTGVuZ3RoOiAxNjUzDQoNCi0tNjViNjU2M2Y1
ZThlZjYzMg0KQ29udGVudC1UeXBlOiB0ZXh0L3BsYWluDQpDb250ZW50LVRyYW5z
ZmVyLUVuY29kaW5nOiBiaW5hcnkNCg0KSGkNCi0tNjViNjU2M2Y1ZThlZjYzMg0K
Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9wa2NzNy1zaWduYXR1cmU7bmFtZT1z
bWltZS5wN3MNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7aGFuZGxp
bmc9cmVxdWlyZWQ7ZmlsZW5hbWU9c21pbWUucDdzDQpDb250ZW50LVRyYW5zZmVy
LUVuY29kaW5nOiBiaW5hcnkNCg0KMIIFSwYJKoZIhvcNAQcCoIIFPDCCBTgCAQEx
CzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCAz4wggM6MIICo6ADAgECAgdVAYEC
SQBzMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxp
Zm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UEChMFc2lwaXQxKTAnBgNV
BAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTAzMTAxNDIw
MjQ1OVoXDTA2MTAxMzIwMjQ1OVowYzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
bGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMQ4wDAYDVQQKEwVzaXBpdDEcMBoG
A1UEAxQTYWxpY2VAYS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
gYkCgYEAoYw/gUYHZ5v+xKL+8axvOOrIFH5JruQqzcL6BbvktjPXnETrJKcQOedb
75xEKqrTd1MDqm9AXJuF1xG0zYf0aWHEzUWTxKUgSQwMBYzaFErpjrgjE0U5zRlM
vbzK10AqGtgzFgq4LS//WXme0Zj7qbIpqMif15plDIg/UjKq518CAwEAAaOB6jCB
5zAeBgNVHREEFzAVgRNhbGljZUBhLmV4YW1wbGUuY29tMAkGA1UdEwQCMAAwHQYD
VR0OBBYEFPvBYLvWCgb7Xzy3lSsw3OZteAheMIGaBgNVHSMEgZIwgY+AFGtGFxTq
lHYlgFRuE1TaoeNUFKG2oXSkcjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs
aWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxDjAMBgNVBAoTBXNpcGl0MSkwJwYD
VQQLEyBTaXBpdCBUZXN0IENlcnRpZmljYXRlIEF1dGhvcml0eYIBADANBgkqhkiG
9w0BAQUFAAOBgQBfex+PEk9VKHhNqgTZtPcdkYgleGBdsvK5vZR+AmMzjhDZns/N
VTIct1N4RLZ2l4ZySQ5/y28H0GjNO5G8bDbQLpOdvJ/bivpQ2BUit9PQ1lFWGhOv
o0hsygux6XVMyogp8re6eNJgAhN4WxNkDjkmn06BaiIzlsncW7Neb7dTyDGCAdUw
ggHRAgEBMHswcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
BgNVBAcTCFNhbiBKb3NlMQ4wDAYDVQQKEwVzaXBpdDEpMCcGA1UECxMgU2lwaXQg
VGVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkCB1UBgQJJAHMwCQYFKw4DAhoFAKCB
sTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMzEw
MTUwMDA5MDdaMCMGCSqGSIb3DQEJBDEWBBRweIiRmownAI3QcTrAOjUZBJolPDBS
BgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq
hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEF
AASBgBGmL7aacdLrQbLav67qW9vawNWCEjIVefaK8/QSMy+J+TQX6FCThi45uDwU
MezrzxTroNCZhJPVf45inWrqG3h8SK2fIUBSbYdwdpb1QlMbbrygsb2Ea85mNVO/
upIk2YgSiz3Z796y2NV4sqB1go2rmVtLKPAWVrFoML86Wk6xDQotLTY1YjY1NjNm
NWU4ZWY2MzItLQ==

The base64 of the response was:

U0lQLzIuMCAyMDAgT0sNClRvOiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tPjt0YWc9
NmIxNjdlZDgNCkZyb206IDxzaXA6YWxpY2VAYS5leGFtcGxlLmNvbT47dGFnPTFi
MmY1NzY5DQpWaWE6IFNJUC8yLjAvVURQIDEyNy4wLjAuMTo1MDcwO2JyYW5jaD16
OWhHNGJLLWM4NzU0Mi03MzAwNzU0MDYtMS0tYzg3NTQyLTtycG9ydD01MDcwO3Jl
Y2VpdmVkPTEyNy4wLjAuMQ0KQ2FsbC1JRDogMjJiNGYyNmQ2YmUyM2EwZQ0KQ1Nl
cTogMSBNRVNTQUdFDQpDb250YWN0OiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tOjUw
NjA+DQpDb250ZW50LUxlbmd0aDogMA0KDQo=

The following is the base64 of the encrypted message.

TUVTU0FHRSBzaXA6Ym9iQGIuZXhhbXBsZS5jb20gU0lQLzIuMA0KVG86IDxzaXA6
Ym9iQGIuZXhhbXBsZS5jb20+DQpGcm9tOiA8c2lwOmFsaWNlQGEuZXhhbXBsZS5j
b20+O3RhZz00YmJhMWYwZA0KVmlhOiBTSVAvMi4wL1VEUCAxMjcuMC4wLjE6NTA3
MDticmFuY2g9ejloRzRiSy1jODc1NDItNTU4NDIyODM0LTEtLWM4NzU0Mi07cnBv
cnQNCkNhbGwtSUQ6IDEzMmJiODk1MDE5ZDQ1MzYNCkNTZXE6IDEgTUVTU0FHRQ0K
Q29udGFjdDogPHNpcDphbGljZUBhLmV4YW1wbGUuY29tOjUwNzA+DQpNYXgtRm9y
d2FyZHM6IDcwDQpDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50O2hhbmRs
aW5nPXJlcXVpcmVkO2ZpbGVuYW1lPXNtaW1lLnA3DQpDb250ZW50LVR5cGU6IGFw
cGxpY2F0aW9uL3BrY3M3LW1pbWU7c21pbWUtdHlwZT1lbnZlbG9wZWQtZGF0YTtu
YW1lPXNtaW1lLnA3bQ0KVXNlci1BZ2VudDogU0lQaW1wLm9yZy8wLjIuMiAoY3Vy
c2VzKQ0KQ29udGVudC1MZW5ndGg6IDM4NQ0KDQowggF9BgkqhkiG9w0BBwOgggFu
MIIBagIBADGCARYwggESAgEAMHswcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
bGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMQ4wDAYDVQQKEwVzaXBpdDEpMCcG
A1UECxMgU2lwaXQgVGVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkCB1UBgQJJAHIw
DQYJKoZIhvcNAQEBBQAEgYCUvSKVQO7kymKOszSmBP8WBx1Q4Y/Lb9C52Lo5ze9+
mzthE+09Yf5iCzecZZ208jJ0LuXsfg81meW+RXxjLd9eoEKbcN2NmWVw3TU1GNck
Ubr3lICk4pP10M3CH/+qVj/6CRVBvQJteCE7ANyWSd0hbFeu2aBfh1Uboea45yY2
qzBLBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJyyY8coGB9SgCiP8VFLHeq5gTx+
pr4tR390slx3dSBzPvDH9SyOWMELstFhlkedC+aL

The base64 of the response was:

U0lQLzIuMCAyMDAgT0sNClRvOiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tPjt0YWc9
MzMwODA1ZjUNCkZyb206IDxzaXA6YWxpY2VAYS5leGFtcGxlLmNvbT47dGFnPTRi
YmExZjBkDQpWaWE6IFNJUC8yLjAvVURQIDEyNy4wLjAuMTo1MDcwO2JyYW5jaD16
OWhHNGJLLWM4NzU0Mi01NTg0MjI4MzQtMS0tYzg3NTQyLTtycG9ydD01MDcwO3Jl
Y2VpdmVkPTEyNy4wLjAuMQ0KQ2FsbC1JRDogMTMyYmI4OTUwMTlkNDUzNg0KQ1Nl
cTogMSBNRVNTQUdFDQpDb250YWN0OiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tOjUw
NjA+DQpDb250ZW50LUxlbmd0aDogMA0KDQo=

The following is the base64 of the signed and encrypted message.

TUVTU0FHRSBzaXA6Ym9iQGIuZXhhbXBsZS5jb20gU0lQLzIuMA0KVG86IDxzaXA6
Ym9iQGIuZXhhbXBsZS5jb20+DQpGcm9tOiA8c2lwOmFsaWNlQGEuZXhhbXBsZS5j
b20+O3RhZz0xZDg2NzNhMw0KVmlhOiBTSVAvMi4wL1VEUCAxMjcuMC4wLjE6NTA3
MDticmFuY2g9ejloRzRiSy1jODc1NDItNDg4ODg0MTA0LTEtLWM4NzU0Mi07cnBv
cnQNCkNhbGwtSUQ6IDQ1MGM4YjExMjcxNWE3MzINCkNTZXE6IDEgTUVTU0FHRQ0K
Q29udGFjdDogPHNpcDphbGljZUBhLmV4YW1wbGUuY29tOjUwNzA+DQpNYXgtRm9y
d2FyZHM6IDcwDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWduZWQ7Ym91bmRh
cnk9NzViM2Q3M2I0ZTI0ZDNmNjttaWNhbGc9c2hhMTtwcm90b2NvbD1hcHBsaWNh
dGlvbi9wa2NzNy1zaWduYXR1cmUNClVzZXItQWdlbnQ6IFNJUGltcC5vcmcvMC4y
LjIgKGN1cnNlcykNCkNvbnRlbnQtTGVuZ3RoOiAyMTU4DQoNCi0tNzViM2Q3M2I0
ZTI0ZDNmNg0KQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9wa2NzNy1taW1lO3Nt
aW1lLXR5cGU9ZW52ZWxvcGVkLWRhdGE7bmFtZT1zbWltZS5wN20NCkNvbnRlbnQt
RGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7aGFuZGxpbmc9cmVxdWlyZWQ7ZmlsZW5h
bWU9c21pbWUucDcNCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0K
DQowggF9BgkqhkiG9w0BBwOgggFuMIIBagIBADGCARYwggESAgEAMHswcDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3Nl
MQ4wDAYDVQQKEwVzaXBpdDEpMCcGA1UECxMgU2lwaXQgVGVzdCBDZXJ0aWZpY2F0
ZSBBdXRob3JpdHkCB1UBgQJJAHIwDQYJKoZIhvcNAQEBBQAEgYBbH0sWpjlXVG3S
OdYb8BXnJx/x/SiFhNbfvEUpPNgX5/CT+xtEoUvftXcHNb7BIUP1l52lXq0fyxRU
TLxgGY2uAaMsWxJkQ2JwcZKlpIg/w+llcKxr3iLhAnZ5g68TTDOQbET8Xr77NiIh
uOufuTthKvUQ6H/NDNbd6wY5Tlrl5zBLBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE
CK6ldx+VV8mYgCgzKJcCCnt7e8ToqY/Id+dfAm81r/zVDZRTMP+cpiUplPmlDolL
e47xDQotLTc1YjNkNzNiNGUyNGQzZjYNCkNvbnRlbnQtVHlwZTogYXBwbGljYXRp
b24vcGtjczctc2lnbmF0dXJlO25hbWU9c21pbWUucDdzDQpDb250ZW50LURpc3Bv
c2l0aW9uOiBhdHRhY2htZW50O2hhbmRsaW5nPXJlcXVpcmVkO2ZpbGVuYW1lPXNt
aW1lLnA3cw0KQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzogYmluYXJ5DQoNCjCC
BUsGCSqGSIb3DQEHAqCCBTwwggU4AgEBMQswCQYFKw4DAhoFADALBgkqhkiG9w0B
BwGgggM+MIIDOjCCAqOgAwIBAgIHVQGBAkkAczANBgkqhkiG9w0BAQUFADBwMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENlcnRpZmlj
YXRlIEF1dGhvcml0eTAeFw0wMzEwMTQyMDI0NTlaFw0wNjEwMTMyMDI0NTlaMGMx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4g
Sm9zZTEOMAwGA1UEChMFc2lwaXQxHDAaBgNVBAMUE2FsaWNlQGEuZXhhbXBsZS5j
b20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKGMP4FGB2eb/sSi/vGsbzjq
yBR+Sa7kKs3C+gW75LYz15xE6ySnEDnnW++cRCqq03dTA6pvQFybhdcRtM2H9Glh
xM1Fk8SlIEkMDAWM2hRK6Y64IxNFOc0ZTL28ytdAKhrYMxYKuC0v/1l5ntGY+6my
KajIn9eaZQyIP1IyqudfAgMBAAGjgeowgecwHgYDVR0RBBcwFYETYWxpY2VAYS5l
eGFtcGxlLmNvbTAJBgNVHRMEAjAAMB0GA1UdDgQWBBT7wWC71goG+188t5UrMNzm
bXgIXjCBmgYDVR0jBIGSMIGPgBRrRhcU6pR2JYBUbhNU2qHjVBShtqF0pHIwcDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBK
b3NlMQ4wDAYDVQQKEwVzaXBpdDEpMCcGA1UECxMgU2lwaXQgVGVzdCBDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHmCAQAwDQYJKoZIhvcNAQEFBQADgYEAX3sfjxJPVSh4TaoE
2bT3HZGIJXhgXbLyub2UfgJjM44Q2Z7PzVUyHLdTeES2dpeGckkOf8tvB9BozTuR
vGw20C6Tnbyf24r6UNgVIrfT0NZRVhoTr6NIbMoLsel1TMqIKfK3unjSYAITeFsT
ZA45Jp9OgWoiM5bJ3FuzXm+3U8gxggHVMIIB0QIBATB7MHAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UE
ChMFc2lwaXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5AgdVAYECSQBzMAkGBSsOAwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3
DQEHATAcBgkqhkiG9w0BCQUxDxcNMDMxMDE1MDAwOTIyWjAjBgkqhkiG9w0BCQQx
FgQUFLTFVme+Oh3uIw7w3GTqTnmdRLAwUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG
9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYI
KoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYAoI2BmK6Iv3cbIFJSCkgxQC0f9
yvYT9E0c9MEj1eSEMyG+0iFcxzxmvsnNNVRYub13SU2fPmlHAPWLm80reOWuXbKR
kJinPgs3bbwWBH+xSzmLSiYAWXK/ZlVZtlQcJWL9bQ6DOy7HmaqbthMe007HUR8j
pwqyKeskUIz9kzQ5bA0KLS03NWIzZDczYjRlMjRkM2Y2LS0=

The base64 of the response was:

U0lQLzIuMCAyMDAgT0sNClRvOiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tPjt0YWc9
NDBkNzEzMWINCkZyb206IDxzaXA6YWxpY2VAYS5leGFtcGxlLmNvbT47dGFnPTFk
ODY3M2EzDQpWaWE6IFNJUC8yLjAvVURQIDEyNy4wLjAuMTo1MDcwO2JyYW5jaD16
OWhHNGJLLWM4NzU0Mi00ODg4ODQxMDQtMS0tYzg3NTQyLTtycG9ydD01MDcwO3Jl
Y2VpdmVkPTEyNy4wLjAuMQ0KQ2FsbC1JRDogNDUwYzhiMTEyNzE1YTczMg0KQ1Nl
cTogMSBNRVNTQUdFDQpDb250YWN0OiA8c2lwOmJvYkBiLmV4YW1wbGUuY29tOjUw
NjA+DQpDb250ZW50LUxlbmd0aDogMA0KDQo=

TOC

20 Open Issues

Should the type of the subjectAltName be URI or RFC822 in S/MIME examples?

Is the encrypted and signed example in this draft correct with respect to what the signature in a detached signature is computed over?

The examples here attach the sender's certificates - is this how we want to go? Need more text on when or should or should not do this.

Need to added Accept with multipart to all examples.Might also want to request congestion safety on all of them.

TOC

21 Still To Do

The examples here attached the sender's certificates - is that the way we want to go. Need more text on when or should or should not do this.

Examples showing keywrap stuff.

Redo examples in 3261.

Would be nice to add example showing encrypted SDP with SRTP key examples.

Would be nice to add example showing securing a refer.

TOC

22 Acknowledgments

Many thanks to the developers of all the open source software used to create these call flows. This includes the underling crypto and TLS software used from openssl.org, the SIP stack from www.resiprocate.org, and the SIMPLE IMPP agent from www.sipimp.org. The TLS flow dumps were done with SSLDump from http://www.rtfm.com/ssldump. The book SSL and TLS [9] was a huge help in developing the code for these flows and is a great resource for anyone trying to implement TLS with SIP.

Thanks to Dan Wing and Robert Sparks for catching many silly mistakes and Tat Chan who caught a key problem in what the signature was being computed over.

TOC

Normative References

[1]	Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[2]	Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M. and Schooler, E., "SIP: Session Initiation Protocol", RFC 3261, June 2002.
[3]	Housley, R., Polk, W., Ford, W. and Solo, D., "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3280, April 2002.
[4]	Dusse, S., Hoffman, P., Ramsdell, B., Lundblade, L. and Repka, L., "S/MIME Version 2 Message Specification", RFC 2311, March 1998.
[5]	Dierks, T., Allen, C., Treese, W., Karlton, P.L., Freier, A.O. and Kocher, P.C., "The TLS Protocol Version 1.0", RFC 2246, January 1999.
[6]	Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)", RFC 3268, June 2002.
[7]	Ramsdell, B, "S/MIME Version 3.1 Message Specification", Internet-Draft draft-ietf-smime-rfc2633bis-03, January 2003.

TOC

Informative References

[8]	Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C. and Gurle, D., "Session Initiation Protocol (SIP) Extension for Instant Messaging", RFC 3428, December 2002.
[9]	Rescorla, E.K., "SSL and TLS - Designing and Building Secure Systems", 2001.

TOC

Author's Address

	Cullen Jennings
	Cisco Systems
	170 West Tasman Drive Mailstop SJC-21/3
	San Jose, CA 95134
	USA
Phone:	+1 408 527-9132
EMail:	mailto:fluffy@cisco.com