GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


rfc:rfc6216

Internet Engineering Task Force (IETF) C. Jennings Request for Comments: 6216 Cisco Systems Category: Informational K. Ono ISSN: 2070-1721 Columbia University

                                                             R. Sparks
                                                       B. Hibbard, Ed.
                                                               Tekelec
                                                            April 2011
     Example Call Flows Using Session Initiation Protocol (SIP)
                        Security Mechanisms

Abstract

 This document shows example call flows demonstrating the use of
 Transport Layer Security (TLS), and Secure/Multipurpose Internet Mail
 Extensions (S/MIME) in Session Initiation Protocol (SIP).  It also
 provides information that helps implementers build interoperable SIP
 software.  To help facilitate interoperability testing, it includes
 certificates used in the example call flows and processes to create
 certificates for testing.

Status of This Memo

 This document is not an Internet Standards Track specification; it is
 published for informational purposes.
 This document is a product of the Internet Engineering Task Force
 (IETF).  It represents the consensus of the IETF community.  It has
 received public review and has been approved for publication by the
 Internet Engineering Steering Group (IESG).  Not all documents
 approved by the IESG are a candidate for any level of Internet
 Standard; see Section 2 of RFC 5741.
 Information about the current status of this document, any errata,
 and how to provide feedback on it may be obtained at
 http://www.rfc-editor.org/info/rfc6216.

Jennings, et al. Informational [Page 1] RFC 6216 SIP Secure Call Flows April 2011

Copyright Notice

 Copyright (c) 2011 IETF Trust and the persons identified as the
 document authors.  All rights reserved.
 This document is subject to BCP 78 and the IETF Trust's Legal
 Provisions Relating to IETF Documents
 (http://trustee.ietf.org/license-info) in effect on the date of
 publication of this document.  Please review these documents
 carefully, as they describe your rights and restrictions with respect
 to this document.  Code Components extracted from this document must
 include Simplified BSD License text as described in Section 4.e of
 the Trust Legal Provisions and are provided without warranty as
 described in the Simplified BSD License.

Table of Contents

 1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
 2.  Certificates . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.1.  CA Certificates  . . . . . . . . . . . . . . . . . . . . .  4
   2.2.  Host Certificates  . . . . . . . . . . . . . . . . . . . .  8
   2.3.  User Certificates  . . . . . . . . . . . . . . . . . . . . 10
 3.  Call Flow with Message Over TLS  . . . . . . . . . . . . . . . 12
   3.1.  TLS with Server Authentication . . . . . . . . . . . . . . 12
   3.2.  MESSAGE Transaction Over TLS . . . . . . . . . . . . . . . 13
 4.  Call Flow with S/MIME-Secured Message  . . . . . . . . . . . . 15
   4.1.  MESSAGE Request with Signed Body . . . . . . . . . . . . . 15
   4.2.  MESSAGE Request with Encrypted Body  . . . . . . . . . . . 20
   4.3.  MESSAGE Request with Encrypted and Signed Body . . . . . . 22
 5.  Observed Interoperability Issues . . . . . . . . . . . . . . . 27
 6.  Additional Test Scenarios  . . . . . . . . . . . . . . . . . . 29
 7.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 31
 8.  Security Considerations  . . . . . . . . . . . . . . . . . . . 32
 9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
   9.1.  Normative References . . . . . . . . . . . . . . . . . . . 32
   9.2.  Informative References . . . . . . . . . . . . . . . . . . 34
 Appendix A.  Making Test Certificates  . . . . . . . . . . . . . . 35
   A.1.  makeCA script  . . . . . . . . . . . . . . . . . . . . . . 36
   A.2.  makeCert script  . . . . . . . . . . . . . . . . . . . . . 40
 Appendix B.  Certificates for Testing  . . . . . . . . . . . . . . 42
   B.1.  Certificates Using EKU . . . . . . . . . . . . . . . . . . 42
   B.2.  Certificates NOT Using EKU . . . . . . . . . . . . . . . . 51
   B.3.  Certificate Chaining with a Non-Root CA  . . . . . . . . . 58
 Appendix C.  Message Dumps . . . . . . . . . . . . . . . . . . . . 64

Jennings, et al. Informational [Page 2] RFC 6216 SIP Secure Call Flows April 2011

1. Introduction

 This document is informational and is not normative on any aspect of
 SIP.
 SIP with TLS ([RFC5246]) implementations are becoming very common.
 Several implementations of the S/MIME ([RFC5751]) portion of SIP
 ([RFC3261]) are also becoming available.  After several
 interoperability events, it is clear that it is difficult to write
 these systems without any test vectors or examples of "known good"
 messages to test against.  Furthermore, testing at the events is
 often hindered due to the lack of a commonly trusted certification
 authority to sign the certificates used in the events.  This document
 addresses both of these issues by providing messages that give
 detailed examples that implementers can use for comparison and that
 can also be used for testing.  In addition, this document provides a
 common certificate and private key that can be used to set up a mock
 Certification Authority (CA) that can be used during the SIP
 interoperability events.  Certificate requests from the users will be
 signed by the private key of the mock CA.  The document also provides
 some hints and clarifications for implementers.
 A simple SIP call flow using SIPS URIs and TLS is shown in Section 3.
 The certificates for the hosts used are shown in Section 2.2, and the
 CA certificates used to sign these are shown in Section 2.1.
 The text from Section 4.1 through Section 4.3 shows some simple SIP
 call flows using S/MIME to sign and encrypt the body of the message.
 The user certificates used in these examples are shown in
 Section 2.3.  These host certificates are signed with the same mock
 CA private key.
 Section 5 presents a partial list of items that implementers should
 consider in order to implement systems that will interoperate.
 Scripts and instructions to make certificates that can be used for
 interoperability testing are presented in Appendix A, along with
 methods for converting these to various formats.  The certificates
 used while creating the examples and test messages in this document
 are made available in Appendix B.
 Binary copies of various messages in this document that can be used
 for testing appear in Appendix C.

Jennings, et al. Informational [Page 3] RFC 6216 SIP Secure Call Flows April 2011

2. Certificates

2.1. CA Certificates

 The certificate used by the CA to sign the other certificates is
 shown below.  This is an X.509v3 ([X.509]) certificate.  Note that
 the X.509v3 Basic Constraints in the certificate allows it to be used
 as a CA, certification authority.  This certificate is not used
 directly in the TLS call flow; it is used only to verify user and
 host certificates.
 Version: 3 (0x2)
 Serial Number:
     96:a3:84:17:4e:ef:8a:4c
 Signature Algorithm: sha1WithRSAEncryption
 Issuer: C=US, ST=California, L=San Jose, O=sipit,
         OU=Sipit Test Certificate Authority
 Validity
     Not Before: Jan 27 18:36:05 2011 GMT
     Not After : Jan  3 18:36:05 2111 GMT
 Subject: C=US, ST=California, L=San Jose, O=sipit,
         OU=Sipit Test Certificate Authority
 Subject Public Key Info:
     Public Key Algorithm: rsaEncryption
     RSA Public Key: (2048 bit)
         Modulus (2048 bit):
             00:ab:1f:91:61:f1:1c:c5:cd:a6:7b:16:9b:b7:14:
             79:e4:30:9e:98:d0:ec:07:b7:bd:77:d7:d1:f5:5b:
             2c:e2:ee:e6:b1:b0:f0:85:fa:a5:bc:cb:cc:cf:69:
             2c:4f:fc:50:ef:9d:31:2b:c0:59:ea:fb:64:6f:1f:
             55:a7:3d:fd:70:d2:56:db:14:99:17:92:70:ac:26:
             f8:34:41:70:d9:c0:03:91:6a:ba:d1:11:8f:ac:12:
             31:de:b9:19:70:8d:5d:a7:7d:8b:19:cc:40:3f:ae:
             ff:de:1f:db:94:b3:46:77:6c:ae:ae:ff:3e:d6:84:
             5b:c2:de:0b:26:65:d0:91:c7:70:4b:c7:0a:4a:bf:
             c7:97:04:dd:ba:58:47:cb:e0:2b:23:76:87:65:c5:
             55:34:10:ab:27:1f:1c:f8:30:3d:b0:9b:ca:a2:81:
             72:4c:bd:60:fe:f7:21:fe:0b:db:0b:db:e9:5b:01:
             36:d4:28:15:6b:79:eb:d0:91:1b:21:59:b8:0e:aa:
             bf:d5:b1:6c:70:37:a3:3f:a5:7d:0e:95:46:f6:f6:
             58:67:83:75:42:37:18:0b:a4:41:39:b2:2f:6c:80:
             2c:78:ec:a5:0f:be:9c:10:f8:c0:0b:0d:73:99:9e:
             0d:d7:97:50:cb:cc:45:34:23:49:41:85:22:24:ad:
             29:c3
         Exponent: 65537 (0x10001)
 X509v3 extensions:
     X509v3 Subject Key Identifier:
         95:45:7E:5F:2B:EA:65:98:12:91:04:F3:63:C7:68:9A:58:16:77:27

Jennings, et al. Informational [Page 4] RFC 6216 SIP Secure Call Flows April 2011

     X509v3 Authority Key Identifier:
         95:45:7E:5F:2B:EA:65:98:12:91:04:F3:63:C7:68:9A:58:16:77:27
     X509v3 Basic Constraints:
         CA:TRUE
     Signature Algorithm: sha1WithRSAEncryption
 06:5f:9e:ae:a0:9a:bc:b5:b9:5b:7e:97:33:cc:df:63:98:98:
 94:cb:0d:66:a9:83:e8:aa:58:2a:59:a1:9e:47:31:a6:af:5c:
 3f:a2:25:86:f8:df:05:92:b7:db:69:a1:69:72:87:66:c5:ab:
 35:89:01:37:19:c9:74:eb:09:d1:3f:88:7b:24:13:42:ca:2d:
 fb:45:e6:cc:4b:f8:21:78:f3:f5:97:ec:09:92:24:a2:f0:e6:
 94:8d:97:4a:00:94:00:bd:25:b8:17:2c:52:53:5d:cc:5c:48:
 a4:a1:1d:2d:f6:50:55:13:a4:d3:b2:a2:f4:f1:b9:6d:48:5e:
 5c:f3:de:e0:fc:59:09:a1:d9:14:61:65:bf:d8:3f:b9:ba:2e:
 7c:ed:5c:24:9b:6b:ca:aa:5f:f1:c1:1e:b0:a8:da:82:0f:fb:
 4c:71:3b:4d:7b:38:c8:e3:8a:2a:19:34:44:26:0b:ea:f0:47:
 38:46:28:65:04:e2:01:52:dd:ec:3d:e5:f5:53:74:77:74:75:
 6d:c6:d9:c2:0a:ac:3b:b8:98:5c:55:53:34:74:52:a8:26:b1:
 2f:30:22:d0:8b:b7:f3:a0:dd:68:07:33:d5:ae:b7:81:b2:94:
 58:72:4e:7c:c6:72:2f:bd:6c:69:fb:b5:17:a8:2a:8d:d7:2c:
 91:06:c8:0c
 The certificate content shown above and throughout this document was
 rendered by the OpenSSL "x509" tool.  These dumps are included only
 as informative examples.  Output may vary among future revisions of
 the tool.  At the time of this document's publication, there were
 some irregularities in the presentation of Distinguished Names (DNs).
 In particular, note that in the "Issuer" and "Subject" fields, it
 appears the intent is to present DNs in Lightweight Directory Access
 Protocol (LDAP) format.  If this was intended, the spaces should have
 been omitted after the delimiting commas, and the elements should
 have been presented in order of most-specific to least-specific.
 Please refer to Appendix A of [RFC4514].  Using the "Issuer" DN from
 above as an example and following guidelines in [RFC4514], it should
 have instead appeared as:
 Issuer: OU=Sipit Test Certificate Authority,O=sipit,L=San Jose,
         ST=California,C=US
 The ASN.1 ([X.683]) parse of the CA certificate is shown below.
0:l= 949 cons: SEQUENCE
4:l= 669 cons:  SEQUENCE
8:l=   3 cons:   cont [ 0 ]

10:l= 1 prim: INTEGER :02 13:l= 9 prim: INTEGER :96A384174EEF8A4C 24:l= 13 cons: SEQUENCE

Jennings, et al. Informational [Page 5] RFC 6216 SIP Secure Call Flows April 2011

26:l= 9 prim: OBJECT :sha1WithRSAEncryption 37:l= 0 prim: NULL 39:l= 112 cons: SEQUENCE 41:l= 11 cons: SET 43:l= 9 cons: SEQUENCE 45:l= 3 prim: OBJECT :countryName 50:l= 2 prim: PRINTABLESTRING :US 54:l= 19 cons: SET 56:l= 17 cons: SEQUENCE 58:l= 3 prim: OBJECT :stateOrProvinceName 63:l= 10 prim: UTF8STRING

43 61 6c 69 66 6f 72 6e-69 61                     California

75:l= 17 cons: SET 77:l= 15 cons: SEQUENCE 79:l= 3 prim: OBJECT :localityName 84:l= 8 prim: UTF8STRING

53 61 6e 20 4a 6f 73 65-                          San Jose

94:l= 14 cons: SET 96:l= 12 cons: SEQUENCE 98:l= 3 prim: OBJECT :organizationName 103:l= 5 prim: UTF8STRING

73 69 70 69 74                                    sipit

110:l= 41 cons: SET 112:l= 39 cons: SEQUENCE 114:l= 3 prim: OBJECT :organizationalUnitName 119:l= 32 prim: UTF8STRING

53 69 70 69 74 20 54 65-73 74 20 43 65 72 74 69   Sipit Test Certi
66 69 63 61 74 65 20 41-75 74 68 6f 72 69 74 79   ficate Authority

153:l= 32 cons: SEQUENCE 155:l= 13 prim: UTCTIME :110127183605Z 170:l= 15 prim: GENERALIZEDTIME :21110103183605Z 187:l= 112 cons: SEQUENCE 189:l= 11 cons: SET 191:l= 9 cons: SEQUENCE 193:l= 3 prim: OBJECT :countryName 198:l= 2 prim: PRINTABLESTRING :US 202:l= 19 cons: SET 204:l= 17 cons: SEQUENCE 206:l= 3 prim: OBJECT :stateOrProvinceName 211:l= 10 prim: UTF8STRING

43 61 6c 69 66 6f 72 6e-69 61                     California

223:l= 17 cons: SET 225:l= 15 cons: SEQUENCE 227:l= 3 prim: OBJECT :localityName 232:l= 8 prim: UTF8STRING

53 61 6e 20 4a 6f 73 65-                          San Jose

242:l= 14 cons: SET 244:l= 12 cons: SEQUENCE

Jennings, et al. Informational [Page 6] RFC 6216 SIP Secure Call Flows April 2011

246:l= 3 prim: OBJECT :organizationName 251:l= 5 prim: UTF8STRING

73 69 70 69 74                                    sipit

258:l= 41 cons: SET 260:l= 39 cons: SEQUENCE 262:l= 3 prim: OBJECT :organizationalUnitName 267:l= 32 prim: UTF8STRING

53 69 70 69 74 20 54 65-73 74 20 43 65 72 74 69   Sipit Test Certi
66 69 63 61 74 65 20 41-75 74 68 6f 72 69 74 79   ficate Authority

301:l= 290 cons: SEQUENCE 305:l= 13 cons: SEQUENCE 307:l= 9 prim: OBJECT :rsaEncryption 318:l= 0 prim: NULL 320:l= 271 prim: BIT STRING

00 30 82 01 0a 02 82 01-01 00 ab 1f 91 61 f1 1c   .0...........a..
c5 cd a6 7b 16 9b b7 14-79 e4 30 9e 98 d0 ec 07   ...{....y.0.....
b7 bd 77 d7 d1 f5 5b 2c-e2 ee e6 b1 b0 f0 85 fa   ..w...[,........
a5 bc cb cc cf 69 2c 4f-fc 50 ef 9d 31 2b c0 59   .....i,O.P..1+.Y
ea fb 64 6f 1f 55 a7 3d-fd 70 d2 56 db 14 99 17   ..do.U.=.p.V....
92 70 ac 26 f8 34 41 70-d9 c0 03 91 6a ba d1 11   .p.&.4Ap....j...
8f ac 12 31 de b9 19 70-8d 5d a7 7d 8b 19 cc 40   ...1...p.].}...@
3f ae ff de 1f db 94 b3-46 77 6c ae ae ff 3e d6   ?.......Fwl...>.
84 5b c2 de 0b 26 65 d0-91 c7 70 4b c7 0a 4a bf   .[...&e...pK..J.
c7 97 04 dd ba 58 47 cb-e0 2b 23 76 87 65 c5 55   .....XG..+#v.e.U
34 10 ab 27 1f 1c f8 30-3d b0 9b ca a2 81 72 4c   4..'...0=.....rL
bd 60 fe f7 21 fe 0b db-0b db e9 5b 01 36 d4 28   .`..!......[.6.(
15 6b 79 eb d0 91 1b 21-59 b8 0e aa bf d5 b1 6c   .ky....!Y......l
70 37 a3 3f a5 7d 0e 95-46 f6 f6 58 67 83 75 42   p7.?.}..F..Xg.uB
37 18 0b a4 41 39 b2 2f-6c 80 2c 78 ec a5 0f be   7...A9./l.,x....
9c 10 f8 c0 0b 0d 73 99-9e 0d d7 97 50 cb cc 45   ......s.....P..E
34 23 49 41 85 22 24 ad-29 c3 02 03 01 00 01      4#IA."$.)......

595:l= 80 cons: cont [ 3 ] 597:l= 78 cons: SEQUENCE 599:l= 29 cons: SEQUENCE 601:l= 3 prim: OBJECT :X509v3 Subject Key Identifier 606:l= 22 prim: OCTET STRING

04 14 95 45 7e 5f 2b ea-65 98 12 91 04 f3 63 c7   ...E~_+.e.....c.
68 9a 58 16 77 27                                 h.X.w'

630:l= 31 cons: SEQUENCE 632:l= 3 prim: OBJECT :X509v3 Authority Key Identifier 637:l= 24 prim: OCTET STRING

30 16 80 14 95 45 7e 5f-2b ea 65 98 12 91 04 f3   0....E~_+.e.....
63 c7 68 9a 58 16 77 27-                          c.h.X.w'

663:l= 12 cons: SEQUENCE 665:l= 3 prim: OBJECT :X509v3 Basic Constraints 670:l= 5 prim: OCTET STRING

30 03 01 01 ff                                    0....

677:l= 13 cons: SEQUENCE

Jennings, et al. Informational [Page 7] RFC 6216 SIP Secure Call Flows April 2011

679:l= 9 prim: OBJECT :sha1WithRSAEncryption 690:l= 0 prim: NULL 692:l= 257 prim: BIT STRING

00 06 5f 9e ae a0 9a bc-b5 b9 5b 7e 97 33 cc df   .._.......[~.3..
63 98 98 94 cb 0d 66 a9-83 e8 aa 58 2a 59 a1 9e   c.....f....X*Y..
47 31 a6 af 5c 3f a2 25-86 f8 df 05 92 b7 db 69   G1..\?.%.......i
a1 69 72 87 66 c5 ab 35-89 01 37 19 c9 74 eb 09   .ir.f..5..7..t..
d1 3f 88 7b 24 13 42 ca-2d fb 45 e6 cc 4b f8 21   .?.{$.B.-.E..K.!
78 f3 f5 97 ec 09 92 24-a2 f0 e6 94 8d 97 4a 00   x......$......J.
94 00 bd 25 b8 17 2c 52-53 5d cc 5c 48 a4 a1 1d   ...%..,RS].\H...
2d f6 50 55 13 a4 d3 b2-a2 f4 f1 b9 6d 48 5e 5c   -.PU........mH^\
f3 de e0 fc 59 09 a1 d9-14 61 65 bf d8 3f b9 ba   ....Y....ae..?..
2e 7c ed 5c 24 9b 6b ca-aa 5f f1 c1 1e b0 a8 da   .|.\$.k.._......
82 0f fb 4c 71 3b 4d 7b-38 c8 e3 8a 2a 19 34 44   ...Lq;M{8...*.4D
26 0b ea f0 47 38 46 28-65 04 e2 01 52 dd ec 3d   &...G8F(e...R..=
e5 f5 53 74 77 74 75 6d-c6 d9 c2 0a ac 3b b8 98   ..Stwtum.....;..
5c 55 53 34 74 52 a8 26-b1 2f 30 22 d0 8b b7 f3   \US4tR.&./0"....
a0 dd 68 07 33 d5 ae b7-81 b2 94 58 72 4e 7c c6   ..h.3......XrN|.
72 2f bd 6c 69 fb b5 17-a8 2a 8d d7 2c 91 06 c8   r/.li....*..,...
0c                                                .

2.2. Host Certificates

 The certificate for the host example.com is shown below.  Note that
 the Subject Alternative Name is set to example.com and is a DNS type.
 The certificates for the other hosts are shown in Appendix B.
 Version: 3 (0x2)
 Serial Number:
     96:a3:84:17:4e:ef:8a:4f
 Signature Algorithm: sha1WithRSAEncryption
 Issuer: C=US, ST=California, L=San Jose, O=sipit,
         OU=Sipit Test Certificate Authority
 Validity
     Not Before: Feb  7 19:32:17 2011 GMT
     Not After : Jan 14 19:32:17 2111 GMT
 Subject: C=US, ST=California, L=San Jose, O=sipit, CN=example.com
 Subject Public Key Info:
     Public Key Algorithm: rsaEncryption
     RSA Public Key: (2048 bit)
         Modulus (2048 bit):
             00:dd:74:06:02:10:c2:e7:04:1f:bc:8c:b6:24:e7:
             9b:94:a3:48:37:85:9e:6d:83:12:84:50:1a:8e:48:
             b1:fa:86:8c:a7:80:b9:be:52:ec:a6:ca:63:47:84:
             ad:f6:74:85:82:16:7e:4e:36:40:0a:74:2c:20:a9:
             6a:0e:6a:7f:35:cf:70:71:63:7d:e9:43:67:81:4c:
             ea:b5:1e:b7:4c:a3:35:08:7b:21:0d:2a:73:07:63:
             9d:8d:75:bf:1f:d4:8e:e6:67:60:75:f7:ea:0a:7a:

Jennings, et al. Informational [Page 8] RFC 6216 SIP Secure Call Flows April 2011

             6c:90:af:92:45:e0:62:05:9a:8a:10:98:dc:7c:54:
             8b:e4:61:95:3b:04:fc:10:50:ef:80:45:ba:5e:84:
             97:76:c1:20:25:c1:92:1d:89:0a:f7:55:62:64:fa:
             e8:69:a2:62:4c:67:d3:08:d9:61:b5:3d:16:54:b6:
             b7:44:8d:59:2b:90:d4:e9:fb:c7:7d:87:58:c3:12:
             ac:33:78:00:50:ba:07:05:b3:b9:01:1a:63:55:6c:
             e1:7a:ec:a3:07:ae:3b:02:83:a1:69:e0:c3:dc:2d:
             61:e9:b2:e3:b3:71:c8:a6:cf:da:fb:3e:99:c7:e5:
             71:b9:c9:17:d4:ed:bc:a0:47:54:09:8c:6e:6d:53:
             9a:2c:c9:68:c6:6f:f1:3d:91:1a:24:43:77:7d:91:
             69:4b
         Exponent: 65537 (0x10001)
 X509v3 extensions:
     X509v3 Subject Alternative Name:
         DNS:example.com, URI:sip:example.com
     X509v3 Basic Constraints:
         CA:FALSE
     X509v3 Subject Key Identifier:
         CC:06:59:5B:8B:5E:D6:0D:F2:05:4D:1B:68:54:1E:FC:F9:43:19:17
     X509v3 Authority Key Identifier:
         95:45:7E:5F:2B:EA:65:98:12:91:04:F3:63:C7:68:9A:58:16:77:27
     X509v3 Key Usage:
         Digital Signature, Non Repudiation, Key Encipherment
     X509v3 Extended Key Usage:
         TLS Web Server Authentication, 1.3.6.1.5.5.7.3.20
     Signature Algorithm: sha1WithRSAEncryption
 6a:9a:d1:db:00:4b:90:86:b0:53:ea:6f:30:31:89:1e:9b:09:
 14:bd:6f:b9:02:aa:6f:58:ee:30:03:b8:a1:fd:b3:41:72:ff:
 b3:0d:cb:76:a7:17:c6:57:38:06:13:e5:f3:e4:30:17:4d:f7:
 97:b5:f3:74:e9:81:f8:f4:55:a3:0d:f5:82:38:c3:98:43:52:
 1f:84:cd:1a:b4:a3:45:9f:3d:e2:31:fd:cb:a2:ad:ed:60:7d:
 fa:d2:aa:49:2f:41:a9:80:01:bb:ed:b6:75:c9:97:69:7f:0c:
 91:60:f1:c4:5a:36:e8:5c:ac:e1:a8:e7:9a:55:e5:e0:cd:01:
 f4:de:93:f4:38:6c:c1:71:d2:fd:cd:1b:5d:25:eb:90:7b:31:
 41:e7:37:0e:e5:c0:01:48:91:f7:34:dd:c6:1f:74:e6:34:34:
 e6:cd:93:0f:3f:ce:94:ad:91:d9:e2:72:b1:9f:1d:d3:a5:7d:
 5e:e2:a4:56:c5:b1:71:4d:10:0a:5d:a6:56:e6:57:1f:48:a5:
 5c:75:67:ea:ab:35:3e:f6:b6:fa:c1:f3:8a:c1:80:71:32:18:
 6c:33:b5:fa:16:5a:16:e1:a1:6c:19:67:f5:45:68:64:6f:b2:
 31:dc:e3:5a:1a:b2:d4:87:89:96:fd:87:ba:38:4e:0a:19:07:
 03:4b:9b:b1
 The example host certificate above, as well as all the others
 presented in this document, are signed directly by a root CA.  These
 certificate chains have a length equal to two: the root CA and the
 host certificate.  Non-root CAs exist and may also sign certificates.
 The certificate chains presented by hosts with certificates signed by

Jennings, et al. Informational [Page 9] RFC 6216 SIP Secure Call Flows April 2011

 non-root CAs will have a length greater than two.  For more details
 on how certificate chains are validated, see Sections 6.1 and 6.2 of
 [RFC5280].

2.3. User Certificates

 User certificates are used by many applications to establish user
 identity.  The user certificate for fluffy@example.com is shown
 below.  Note that the Subject Alternative Name has a list of names
 with different URL types such as a sip, im, or pres URL.  This is
 necessary for interoperating with a Common Profile for Instant
 Messaging (CPIM) gateway.  In this example, example.com is the domain
 for fluffy.  The message could be coming from any host in
 *.example.com, and the address-of-record (AOR) in the user
 certificate would still be the same.  The others are shown in
 Appendix B.1.  These certificates make use of the Extended Key Usage
 (EKU) extension discussed in [RFC5924].  Note that the X509v3
 Extended Key Usage attribute refers to the SIP OID introduced in
 [RFC5924], which is 1.3.6.1.5.5.7.3.20.
 Version: 3 (0x2)
 Serial Number:
     96:a3:84:17:4e:ef:8a:4d
 Signature Algorithm: sha1WithRSAEncryption
 Issuer: C=US, ST=California, L=San Jose, O=sipit,
         OU=Sipit Test Certificate Authority
 Validity
     Not Before: Feb  7 19:32:17 2011 GMT
     Not After : Jan 14 19:32:17 2111 GMT
 Subject: C=US, ST=California, L=San Jose, O=sipit,
          CN=fluffy
 Subject Public Key Info:
     Public Key Algorithm: rsaEncryption
     RSA Public Key: (2048 bit)
         Modulus (2048 bit):
             00:a3:2c:59:0c:e9:bc:e4:ec:d3:9e:fb:99:02:ec:
             b1:36:3a:b7:d3:1d:4d:c3:3a:b6:ae:50:bd:5f:55:
             08:77:8c:7e:a4:e9:f0:68:31:28:8f:23:32:56:19:
             c3:22:97:a7:6d:fd:a7:22:2a:01:b5:af:61:bd:5f:
             7e:c1:14:e5:98:29:b4:34:4e:38:8a:26:ee:0d:da:
             db:27:b9:78:d6:ac:ac:04:78:32:98:c2:75:e7:6a:
             b7:2d:b3:3c:e3:eb:97:a5:ef:8b:59:42:50:17:7b:
             fe:a7:81:af:37:a7:e7:e3:1f:b0:8d:d0:72:2f:6c:
             14:42:c6:01:68:e1:8f:fd:56:4d:7d:cf:16:dc:aa:
             05:61:0b:0a:ca:ca:ec:51:ec:53:6e:3d:2b:00:80:
             fe:35:1b:06:0a:61:13:88:0b:44:f3:cc:fd:2b:0e:
             b4:a2:0b:a0:97:84:14:2e:ee:2b:e3:2f:c1:1a:9e:
             86:9a:78:6a:a2:4c:57:93:e7:01:26:d3:56:0d:bd:

Jennings, et al. Informational [Page 10] RFC 6216 SIP Secure Call Flows April 2011

             b0:2f:f8:da:c7:3c:01:dc:cb:2d:31:8c:6c:c6:5c:
             b4:63:e8:b2:a2:40:11:bf:ad:f8:6d:12:01:97:1d:
             47:f8:6a:15:8b:fb:27:96:73:44:46:34:d7:24:1c:
             cf:56:8d:d4:be:d6:94:5b:f0:a6:67:e3:dd:cf:b4:
             f2:d5
         Exponent: 65537 (0x10001)
 X509v3 extensions:
     X509v3 Subject Alternative Name:
         URI:sip:fluffy@example.com, URI:im:fluffy@example.com,
            URI:pres:fluffy@example.com
     X509v3 Basic Constraints:
         CA:FALSE
     X509v3 Subject Key Identifier:
         85:97:09:B8:D3:55:37:24:8A:DC:DE:E3:91:72:E4:22:CF:98:87:52
     X509v3 Authority Key Identifier:
         95:45:7E:5F:2B:EA:65:98:12:91:04:F3:63:C7:68:9A:58:16:77:27
     X509v3 Key Usage:
         Digital Signature, Non Repudiation, Key Encipherment
     X509v3 Extended Key Usage:
         E-mail Protection, 1.3.6.1.5.5.7.3.20
     Signature Algorithm: sha1WithRSAEncryption
 a8:a9:8f:d8:8a:0b:88:ed:ff:4f:bf:e5:cd:8f:9e:7b:b8:e6:
 f2:2c:aa:e3:23:5b:9a:71:5e:fd:20:a3:dd:d9:d3:c1:f2:e8:
 f0:be:77:db:33:cc:8a:7b:4f:91:2b:8d:d6:f7:14:c3:8d:e0:
 60:d3:34:50:bc:be:67:22:cd:f5:74:7b:f4:9a:68:a2:52:2b:
 81:2f:46:d3:09:9f:25:c3:20:e8:10:d5:ef:38:7b:d1:17:d4:
 f1:d7:54:67:56:f1:13:cf:2f:fc:8b:83:fc:14:e7:01:82:59:
 83:cc:b1:8d:f0:c7:da:4e:b1:dc:cc:54:cf:6c:3b:47:47:59:
 87:d9:16:ec:af:af:e1:12:13:23:1e:0a:db:f5:b5:ff:5d:ab:
 15:0e:e3:25:91:00:0e:90:db:d8:07:11:90:81:01:3a:48:a8:
 aa:9e:b0:62:d3:36:f0:0c:b7:2f:a7:17:92:52:36:29:14:0a:
 d6:65:86:67:73:74:6e:aa:3c:ee:47:38:1e:c8:6e:06:81:85:
 1c:2e:f0:b6:04:7d:6c:38:db:81:9c:b8:07:e3:07:be:f5:2f:
 09:68:63:04:6b:87:0e:36:b9:a1:a3:fb:c8:30:0c:a0:63:8d:
 6d:ab:0a:f8:44:b0:78:19:1a:38:7e:fa:6a:a1:d4:4b:4b:75:
 75:bf:6f:09
 Versions of these certificates that do not make use of EKU are also
 included in Appendix B.2

Jennings, et al. Informational [Page 11] RFC 6216 SIP Secure Call Flows April 2011

3. Call Flow with Message Over TLS

3.1. TLS with Server Authentication

 The flow below shows the edited SSLDump output of the host
 example.com forming a TLS [RFC5246] connection to example.net.  In
 this example, mutual authentication is not used.  Note that the
 client proposed three protocol suites including
 TLS_RSA_WITH_AES_128_CBC_SHA defined in [RFC5246].  The certificate
 returned by the server contains a Subject Alternative Name that is
 set to example.net.  A detailed discussion of TLS can be found in SSL
 and TLS [EKR-TLS].  For more details on the SSLDump tool, see the
 SSLDump Manual [ssldump-manpage].
 This example does not use the Server Extended Hello (see [RFC5246]).
 New TCP connection #1: example.com(50738) <-> example.net(5061)
 1 1  0.0004 (0.0004)  C>SV3.1(101)  Handshake
       ClientHello
         Version 3.1
         random[32]=
           4c 09 5b a7 66 77 eb 43 52 30 dd 98 4d 09 23 d3
           ff 81 74 ab 04 69 bb 79 8c dc 59 cd c2 1f b7 ec
         cipher suites
         TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
         TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
         TLS_DHE_RSA_WITH_AES_256_SHA
         TLS_RSA_WITH_AES_256_CBC_SHA
         TLS_DSS_RSA_WITH_AES_256_SHA
         TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
         TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
         TLS_DHE_RSA_WITH_AES_128_CBC_SHA
         TLS_RSA_WITH_AES_128_CBC_SHA
         TLS_DHE_DSS_WITH_AES_128_CBC_SHA
         TLS_ECDHE_RSA_WITH_DES_192_CBC3_SHA
         TLS_ECDH_RSA_WITH_DES_192_CBC3_SHA
         TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
         TLS_RSA_WITH_3DES_EDE_CBC_SHA
         TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
         TLS_ECDHE_RSA_WITH_RC4_128_SHA
         TLS_ECDH_RSA_WITH_RC4_128_SHA
         TLS_RSA_WITH_RC4_128_SHA
         TLS_RSA_WITH_RC4_128_MD5
         TLS_DHE_RSA_WITH_DES_CBC_SHA
         TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
         TLS_RSA_WITH_DES_CBC_SHA
         TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
         TLS_DHE_DSS_WITH_DES_CBC_SHA

Jennings, et al. Informational [Page 12] RFC 6216 SIP Secure Call Flows April 2011

         TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
         TLS_RSA_EXPORT_WITH_RC4_40_MD5
         compression methods
                   NULL
 1 2  0.0012 (0.0007)  S>CV3.1(48)  Handshake
       ServerHello
         Version 3.1
         random[32]=
           4c 09 5b a7 30 87 74 c7 16 98 24 d5 af 35 17 a7
           ef c3 78 0c 94 d4 94 d2 7b a6 3f 40 04 25 f6 e0
         session_id[0]=
         cipherSuite         TLS_RSA_WITH_AES_256_CBC_SHA
         compressionMethod                   NULL
 1 3  0.0012 (0.0000)  S>CV3.1(1858)  Handshake
       Certificate
 1 4  0.0012 (0.0000)  S>CV3.1(14)  Handshake
       CertificateRequest
         certificate_types                   rsa_sign
         certificate_types                   dss_sign
         certificate_types                 unknown value
       ServerHelloDone
 1 5  0.0043 (0.0031)  C>SV3.1(7)  Handshake
       Certificate
 1 6  0.0043 (0.0000)  C>SV3.1(262)  Handshake
       ClientKeyExchange
 1 7  0.0043 (0.0000)  C>SV3.1(1)  ChangeCipherSpec
 1 8  0.0043 (0.0000)  C>SV3.1(48)  Handshake
 1 9  0.0129 (0.0085)  S>CV3.1(170)  Handshake
 1 10 0.0129 (0.0000)  S>CV3.1(1)  ChangeCipherSpec
 1 11 0.0129 (0.0000)  S>CV3.1(48)  Handshake
 1 12 0.0134 (0.0005)  C>SV3.1(32)  application_data
 1 13 0.0134 (0.0000)  C>SV3.1(496)  application_data
 1 14 0.2150 (0.2016)  S>CV3.1(32)  application_data
 1 15 0.2150 (0.0000)  S>CV3.1(336)  application_data
 1 16 12.2304 (12.0154)  S>CV3.1(32)  Alert
 1    12.2310 (0.0005)  S>C  TCP FIN
 1 17 12.2321 (0.0011)  C>SV3.1(32)  Alert

3.2. MESSAGE Transaction Over TLS

 Once the TLS session is set up, the following MESSAGE request (as
 defined in [RFC3428] is sent from fluffy@example.com to
 kumiko@example.net.  Note that the URI has a SIPS URL and that the
 VIA indicates that TLS was used.  In order to format this document,
 the <allOneLine> convention from [RFC4475] is used to break long
 lines.  The actual message does not contain the line breaks contained
 within those tags.

Jennings, et al. Informational [Page 13] RFC 6216 SIP Secure Call Flows April 2011

 MESSAGE sips:kumiko@example.net:5061 SIP/2.0
 <allOneLine>
 Via: SIP/2.0/TLS 192.0.2.2:15001;
      branch=z9hG4bK-d8754z-c785a077a9a8451b-1---d8754z-;
      rport=50738
 </allOneLine>
 Max-Forwards: 70
 To: <sips:kumiko@example.net:5061>
 From: <sips:fluffy@example.com:15001>;tag=1a93430b
 Call-ID: OTZmMDE2OWNlYTVjNDkzYzBhMWRlMDU4NDExZmU4ZTQ.
 CSeq: 4308 MESSAGE
 <allOneLine>
 Accept: multipart/signed, text/plain, application/pkcs7-mime,
         application/sdp, multipart/alternative
 </allOneLine>
 Content-Type: text/plain
 Content-Length: 6
 Hello!
 When a User Agent (UA) goes to send a message to example.com, the UA
 can see if it already has a TLS connection to example.com and if it
 does, it may send the message over this connection.  A UA should have
 some scheme for reusing connections as opening a new TLS connection
 for every message results in awful performance.  Implementers are
 encouraged to read [RFC5923] and [RFC3263].
 The response is sent from example.net to example.com over the same
 TLS connection.  It is shown below.
 SIP/2.0 200 OK
 <allOneLine>
 Via: SIP/2.0/TLS 192.0.2.2:15001;
      branch=z9hG4bK-d8754z-c785a077a9a8451b-1---d8754z-;
      rport=50738
 </allOneLine>
 To: <sips:kumiko@example.net:5061>;tag=0d075510
 From: <sips:fluffy@example.com:15001>;tag=1a93430b
 Call-ID: OTZmMDE2OWNlYTVjNDkzYzBhMWRlMDU4NDExZmU4ZTQ.
 CSeq: 4308 MESSAGE
 Content-Length: 0

Jennings, et al. Informational [Page 14] RFC 6216 SIP Secure Call Flows April 2011

4. Call Flow with S/MIME-Secured Message

4.1. MESSAGE Request with Signed Body

 Below is an example of a signed message.  The values on the Content-
 Type line (multipart/signed) and on the Content-Disposition line have
 been broken across lines to fit on the page, but they are not broken
 across lines in actual implementations.
 MESSAGE sip:kumiko@example.net SIP/2.0
 <allOneLine>
 Via: SIP/2.0/TCP 192.0.2.2:15001;
      branch=z9hG4bK-d8754z-3a922b6dc0f0ff37-1---d8754z-;
      rport=50739
 </allOneLine>
 Max-Forwards: 70
 To: <sip:kumiko@example.net>
 From: <sip:fluffy@example.com>;tag=ef6bad5e
 Call-ID: N2NiZjI0NjRjNDQ0MTY1NDRjNWNmMGU1MDA2MDRhYmI.
 CSeq: 8473 MESSAGE
 <allOneLine>
 Accept: multipart/signed, text/plain, application/pkcs7-mime,
         application/sdp, multipart/alternative
 </allOneLine>
 <allOneLine>
 Content-Type: multipart/signed;boundary=3b515e121b43a911;
               micalg=sha1;protocol="application/pkcs7-signature"
 </allOneLine>
 Content-Length: 774
  1. -3b515e121b43a911

Content-Type: text/plain

 Content-Transfer-Encoding: binary
 Hello!
 --3b515e121b43a911
 Content-Type: application/pkcs7-signature;name=smime.p7s
 <allOneLine>
 Content-Disposition: attachment;handling=required;
                      filename=smime.p7s
 </allOneLine>
 Content-Transfer-Encoding: binary
  • BINARY BLOB 1 *
  1. -3b515e121b43a911–

Jennings, et al. Informational [Page 15] RFC 6216 SIP Secure Call Flows April 2011

 It is important to note that the signature ("BINARY BLOB 1") is
 computed over the MIME headers and body, but excludes the multipart
 boundary lines.  The value on the Message-body line ends with CRLF.
 The CRLF is included in the boundary and is not part of the signature
 computation.  To be clear, the signature is computed over data
 starting with the "C" in the "Content-Type" and ending with the "!"
 in the "Hello!".
 Content-Type: text/plain
 Content-Transfer-Encoding: binary
 Hello!
 Following is the ASN.1 parsing of encrypted contents referred to
 above as "BINARY BLOB 1".  Note that at address 30, the hash for the
 signature is specified as SHA-1.  Also note that the sender's
 certificate is not attached as it is optional in [RFC5652].
  0  472: SEQUENCE {
  4    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
 15  457:   [0] {
 19  453:     SEQUENCE {
 23    1:       INTEGER 1
 26   11:       SET {
 28    9:         SEQUENCE {
 30    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
 37    0:           NULL
        :           }
        :         }
 39   11:       SEQUENCE {
 41    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
        :         }
 52  420:       SET {
 56  416:         SEQUENCE {
 60    1:           INTEGER 1
 63  125:           SEQUENCE {
 65  112:             SEQUENCE {
 67   11:               SET {
 69    9:                 SEQUENCE {
 71    3:                   OBJECT IDENTIFIER countryName (2 5 4 6)
 76    2:                   PrintableString 'US'
        :                   }
        :                 }
 80   19:               SET {
 82   17:                 SEQUENCE {
 84    3:                   OBJECT IDENTIFIER
        :                     stateOrProvinceName (2 5 4 8)
 89   10:                   UTF8String 'California'

Jennings, et al. Informational [Page 16] RFC 6216 SIP Secure Call Flows April 2011

        :                   }
        :                 }
  101   17:               SET {
  103   15:                 SEQUENCE {
  105    3:                   OBJECT IDENTIFIER localityName (2 5 4 7)
  110    8:                   UTF8String 'San Jose'
        :                   }
        :                 }
  120   14:               SET {
  122   12:                 SEQUENCE {
  124    3:                   OBJECT IDENTIFIER
        :                     organizationName (2 5 4 10)
  129    5:                   UTF8String 'sipit'
        :                   }
        :                 }
  136   41:               SET {
  138   39:                 SEQUENCE {
  140    3:                   OBJECT IDENTIFIER
        :                     organizationalUnitName (2 5 4 11)
  145   32:                   UTF8String 'Sipit Test Certificate
                                          Authority'
        :                   }
        :                 }
        :               }
  179    9:             INTEGER 00 96 A3 84 17 4E EF 8A 4D
        :             }
  190    9:           SEQUENCE {
  192    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
  199    0:             NULL
        :             }
  201   13:           SEQUENCE {
  203    9:             OBJECT IDENTIFIER
        :               rsaEncryption (1 2 840 113549 1 1 1)
  214    0:             NULL
        :             }
  216  256:           OCTET STRING
        :             74 4D 21 39 D6 E2 E2 2C 30 5A AA BC 4E 60 8D 69
        :             A7 E5 79 50 1A B1 7D 4A D3 C1 03 9F 19 7D A2 76
        :             97 B3 CE 30 CD 62 4B 96 20 35 DB C1 64 D9 33 92
        :             96 CD 28 03 98 6E 2C 0C F6 8D 93 40 F2 88 DA 29
        :             AD 0B C2 0E F9 D3 6A 95 2C 79 6E C2 3D 62 E6 54
        :             A9 1B AC 66 DB 16 B7 44 6C 03 1B 71 9C EE C9 EC
        :             4D 93 B1 CF F5 17 79 C5 C8 BA 2F A7 6C 4B DC CF
        :             62 A3 F3 1A 1B 24 E4 40 66 3C 4F 87 86 BF 09 6A
        :             7A 43 60 2B FC D8 3D 2B 57 17 CB 81 03 2A 56 69
        :             81 82 FA 78 DE D2 3A 2F FA A3 C5 EA 8B E8 0C 36
        :             1B BC DC FD 1B 8C 2E 0F 01 AF D9 E1 04 0E 4E 50
        :             94 75 7C BD D9 0B DD AA FA 36 E3 EC E4 A5 35 46

Jennings, et al. Informational [Page 17] RFC 6216 SIP Secure Call Flows April 2011

        :             BE A2 97 1D AD BA 44 54 3A ED 94 DA 76 4A 51 BA
        :             A4 7D 7A 62 BF 2A 2F F2 5C 5A FE CA E6 B9 DC 5D
        :             EA 26 F2 35 17 19 20 CE 97 96 4E 72 9C 72 FD 1F
        :             68 C1 6A 5C 86 42 F2 ED F2 70 65 4C C7 44 C5 7C
        :           }
        :         }
        :       }
        :     }
        :   }
 SHA-1 parameters may be omitted entirely, instead of being set to
 NULL, as mentioned in [RFC3370].  The above dump of Blob 1 has SHA-1
 parameters set to NULL.  Below are the same contents signed with the
 same key, but omitting the NULL according to [RFC3370].  This is the
 preferred encoding.  This is covered in greater detail in Section 5.
  0  468: SEQUENCE {
  4    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
 15  453:   [0] {
 19  449:     SEQUENCE {
 23    1:       INTEGER 1
 26    9:       SET {
 28    7:         SEQUENCE {
 30    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
        :           }
        :         }
 37   11:       SEQUENCE {
 39    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
        :         }
 50  418:       SET {
 54  414:         SEQUENCE {
 58    1:           INTEGER 1
 61  125:           SEQUENCE {
 63  112:             SEQUENCE {
 65   11:               SET {
 67    9:                 SEQUENCE {
 69    3:                   OBJECT IDENTIFIER countryName (2 5 4 6)
 74    2:                   PrintableString 'US'
        :                   }
        :                 }
 78   19:               SET {
 80   17:                 SEQUENCE {
 82    3:                   OBJECT IDENTIFIER
        :                     stateOrProvinceName (2 5 4 8)
 87   10:                   UTF8String 'California'
        :                   }
        :                 }
 99   17:               SET {

Jennings, et al. Informational [Page 18] RFC 6216 SIP Secure Call Flows April 2011

  101   15:                 SEQUENCE {
  103    3:                   OBJECT IDENTIFIER localityName (2 5 4 7)
  108    8:                   UTF8String 'San Jose'
        :                   }
        :                 }
  118   14:               SET {
  120   12:                 SEQUENCE {
  122    3:                   OBJECT IDENTIFIER
        :                     organizationName (2 5 4 10)
  127    5:                   UTF8String 'sipit'
        :                   }
        :                 }
  134   41:               SET {
  136   39:                 SEQUENCE {
  138    3:                   OBJECT IDENTIFIER
        :                     organizationalUnitName (2 5 4 11)
  143   32:                   UTF8String 'Sipit Test Certificate
                                          Authority'
        :                   }
        :                 }
        :               }
  177    9:             INTEGER 00 96 A3 84 17 4E EF 8A 4D
        :             }
  188    7:           SEQUENCE {
  190    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
        :             }
  197   13:           SEQUENCE {
  199    9:             OBJECT IDENTIFIER
        :               rsaEncryption (1 2 840 113549 1 1 1)
  210    0:             NULL
        :             }
  212  256:           OCTET STRING
        :             74 4D 21 39 D6 E2 E2 2C 30 5A AA BC 4E 60 8D 69
        :             A7 E5 79 50 1A B1 7D 4A D3 C1 03 9F 19 7D A2 76
        :             97 B3 CE 30 CD 62 4B 96 20 35 DB C1 64 D9 33 92
        :             96 CD 28 03 98 6E 2C 0C F6 8D 93 40 F2 88 DA 29
        :             AD 0B C2 0E F9 D3 6A 95 2C 79 6E C2 3D 62 E6 54
        :             A9 1B AC 66 DB 16 B7 44 6C 03 1B 71 9C EE C9 EC
        :             4D 93 B1 CF F5 17 79 C5 C8 BA 2F A7 6C 4B DC CF
        :             62 A3 F3 1A 1B 24 E4 40 66 3C 4F 87 86 BF 09 6A
        :             7A 43 60 2B FC D8 3D 2B 57 17 CB 81 03 2A 56 69
        :             81 82 FA 78 DE D2 3A 2F FA A3 C5 EA 8B E8 0C 36
        :             1B BC DC FD 1B 8C 2E 0F 01 AF D9 E1 04 0E 4E 50
        :             94 75 7C BD D9 0B DD AA FA 36 E3 EC E4 A5 35 46
        :             BE A2 97 1D AD BA 44 54 3A ED 94 DA 76 4A 51 BA
        :             A4 7D 7A 62 BF 2A 2F F2 5C 5A FE CA E6 B9 DC 5D
        :             EA 26 F2 35 17 19 20 CE 97 96 4E 72 9C 72 FD 1F
        :             68 C1 6A 5C 86 42 F2 ED F2 70 65 4C C7 44 C5 7C

Jennings, et al. Informational [Page 19] RFC 6216 SIP Secure Call Flows April 2011

        :           }
        :         }
        :       }
        :     }
        :   }

4.2. MESSAGE Request with Encrypted Body

 Below is an example of an encrypted text/plain message that says
 "Hello!".  The binary encrypted contents have been replaced with the
 block "BINARY BLOB 2".
 MESSAGE sip:kumiko@example.net SIP/2.0
 <allOneLine>
 Via: SIP/2.0/TCP 192.0.2.2:15001;
      branch=z9hG4bK-d8754z-c276232b541dd527-1---d8754z-;
      rport=50741
 </allOneLine>
 Max-Forwards: 70
 To: <sip:kumiko@example.net>
 From: <sip:fluffy@example.com>;tag=7a2e3025
 Call-ID: MDYyMDhhODA3NWE2ZjEyYzAwOTZlMjExNWI2ZWQwZGM.
 CSeq: 3260 MESSAGE
 <allOneLine>
 Accept: multipart/signed, text/plain, application/pkcs7-mime,
         application/sdp, multipart/alternative
 </allOneLine>
 <allOneLine>
 Content-Disposition: attachment;handling=required;
                      filename=smime.p7
 </allOneLine>
 Content-Transfer-Encoding: binary
 <allOneLine>
 Content-Type: application/pkcs7-mime;smime-type=enveloped-data;
               name=smime.p7m
 </allOneLine>
 Content-Length: 565
  • BINARY BLOB 2 *
 Following is the ASN.1 parsing of "BINARY BLOB 2".  Note that at
 address 454, the encryption is set to aes128-CBC.
  0  561: SEQUENCE {
  4    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
 15  546:   [0] {

Jennings, et al. Informational [Page 20] RFC 6216 SIP Secure Call Flows April 2011

 19  542:     SEQUENCE {
 23    1:       INTEGER 0
 26  409:       SET {
 30  405:         SEQUENCE {
 34    1:           INTEGER 0
 37  125:           SEQUENCE {
 39  112:             SEQUENCE {
 41   11:               SET {
 43    9:                 SEQUENCE {
 45    3:                   OBJECT IDENTIFIER countryName (2 5 4 6)
 50    2:                   PrintableString 'US'
        :                   }
        :                 }
 54   19:               SET {
 56   17:                 SEQUENCE {
 58    3:                   OBJECT IDENTIFIER
        :                     stateOrProvinceName (2 5 4 8)
 63   10:                   UTF8String 'California'
        :                   }
        :                 }
 75   17:               SET {
 77   15:                 SEQUENCE {
 79    3:                   OBJECT IDENTIFIER localityName (2 5 4 7)
 84    8:                   UTF8String 'San Jose'
        :                   }
        :                 }
 94   14:               SET {
 96   12:                 SEQUENCE {
 98    3:                   OBJECT IDENTIFIER
        :                     organizationName (2 5 4 10)
  103    5:                   UTF8String 'sipit'
        :                   }
        :                 }
  110   41:               SET {
  112   39:                 SEQUENCE {
  114    3:                   OBJECT IDENTIFIER
        :                     organizationalUnitName (2 5 4 11)
  119   32:                   UTF8String 'Sipit Test Certificate
                                          Authority'
        :                   }
        :                 }
        :               }
  153    9:             INTEGER 00 96 A3 84 17 4E EF 8A 4E
        :             }
  164   13:           SEQUENCE {
  166    9:             OBJECT IDENTIFIER
        :               rsaEncryption (1 2 840 113549 1 1 1)
  177    0:             NULL

Jennings, et al. Informational [Page 21] RFC 6216 SIP Secure Call Flows April 2011

        :             }
  179  256:           OCTET STRING
        :             B9 12 8F 32 AB 4A E2 38 C1 E0 53 69 88 D6 25 E7
        :             40 03 B1 DE 79 21 A3 E8 23 5A 1B CB FB 58 F4 97
        :             48 A7 C8 F0 3D DF 41 A3 5A 90 32 70 82 FA B0 DE
        :             D8 94 7C 6C 2E 01 FE 33 BD 62 CB 07 4F 58 DE 6F
        :             EA 3F EF B4 FB 46 72 58 9A 88 A0 85 BC 23 D7 C8
        :             09 0B 90 8D 4A 5F 3F 96 7C AC D4 E2 19 E8 02 B6
        :             0E F3 0D F2 91 4A 67 A9 EE 51 6A 97 D7 86 6D EC
        :             78 6E C6 E0 83 7C E1 00 1F 5A 40 59 60 0C D7 EB
        :             A3 FB 04 B3 C9 A5 EB 79 ED B3 56 F8 F6 51 B2 5E
        :             58 E2 D8 17 28 33 A6 B8 35 8C 0E 14 7F 90 D0 7B
        :             03 00 6C 3D 81 29 F5 D7 E5 AC 75 5E E0 F0 DD E3
        :             3E B2 06 97 D6 49 A9 CB 38 08 F1 84 05 F5 C0 BC
        :             55 A6 D4 C9 D8 FD A4 AC 40 9F 9D 51 5B F7 3A C3
        :             C3 CD 3A E7 6D 21 05 D0 50 75 4F 14 D8 77 76 C6
        :             13 A6 48 12 7B 25 CC 22 5D 73 BD 40 E4 15 02 A2
        :             39 4A CB D9 55 08 A4 EE 4E 8A 5E BA C4 4A 46 9C
        :           }
        :         }
  439  124:       SEQUENCE {
  441    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
  452   29:         SEQUENCE {
  454    9:           OBJECT IDENTIFIER
        :             aes128-CBC (2 16 840 1 101 3 4 1 2)
  465   16:           OCTET STRING
        :             CA 35 CA BD 1E 78 83 D9 20 6C 47 B9 9F DC 91 88
        :           }
  483   80:         [0]
        :           1B AE 12 C4 0E 55 96 AB 99 CC 1C 7F B5 98 A4 BF
        :           D2 D8 7F 94 BB B5 38 05 59 F2 38 A1 CD 29 75 17
        :           1D 63 1B 0B B0 2D 88 06 7F 78 80 F3 5A 3E DC 35
        :           BF 22 1E 03 32 59 98 DA FD 81 5F D9 41 63 3A 18
        :           FD B5 84 14 01 46 0B 40 EB 56 29 86 47 8B D1 EE
        :         }
        :       }
        :     }
        :   }

4.3. MESSAGE Request with Encrypted and Signed Body

 In the example below, some of the header values have been split
 across multiple lines.  Where the lines have been broken, the
 <allOneLine> convention has been used.  This was only done to make it
 fit in the RFC format.  Specifically, the application/pkcs7-mime
 Content-Type line is one line with no whitespace between the "mime;"
 and the "smime-type".  The values are split across lines for
 formatting, but are not split in the real message.  The binary

Jennings, et al. Informational [Page 22] RFC 6216 SIP Secure Call Flows April 2011

 encrypted content has been replaced with "BINARY BLOB 3", and the
 binary signed content has been replaced with "BINARY BLOB 4".
 MESSAGE sip:kumiko@example.net SIP/2.0
 <allOneLine>
 Via: SIP/2.0/TCP 192.0.2.2:15001;
      branch=z9hG4bK-d8754z-97a26e59b7262b34-1---d8754z-;
      rport=50742
 </allOneLine>
 Max-Forwards: 70
 To: <sip:kumiko@example.net>
 From: <sip:fluffy@example.com>;tag=379f5b27
 Call-ID: MjYwMzdjYTY3YWRkYzgzMjU0MGI4Mzc2Njk1YzJlNzE.
 CSeq: 5449 MESSAGE
 <allOneLine>
 Accept: multipart/signed, text/plain, application/pkcs7-mime,
         application/sdp, multipart/alternative
 </allOneLine>
 <allOneLine>
 Content-Type: multipart/signed;boundary=e8df6e1ce5d1e864;
               micalg=sha1;protocol="application/pkcs7-signature"
 </allOneLine>
 Content-Length: 1455
  1. -e8df6e1ce5d1e864

<allOneLine>

 Content-Type: application/pkcs7-mime;smime-type=enveloped-data;
               name=smime.p7m
 </allOneLine>
 <allOneLine>
 Content-Disposition: attachment;handling=required;
                      filename=smime.p7
 </allOneLine>
 Content-Transfer-Encoding: binary
  • BINARY BLOB 3 *
  1. -e8df6e1ce5d1e864

Content-Type: application/pkcs7-signature;name=smime.p7s

 <allOneLine>
 Content-Disposition: attachment;handling=required;
                      filename=smime.p7s
 </allOneLine>
 Content-Transfer-Encoding: binary
  • BINARY BLOB 4 *

Jennings, et al. Informational [Page 23] RFC 6216 SIP Secure Call Flows April 2011

  1. -e8df6e1ce5d1e864–
 Below is the ASN.1 parsing of "BINARY BLOB 3".
  0  561: SEQUENCE {
  4    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
 15  546:   [0] {
 19  542:     SEQUENCE {
 23    1:       INTEGER 0
 26  409:       SET {
 30  405:         SEQUENCE {
 34    1:           INTEGER 0
 37  125:           SEQUENCE {
 39  112:             SEQUENCE {
 41   11:               SET {
 43    9:                 SEQUENCE {
 45    3:                   OBJECT IDENTIFIER countryName (2 5 4 6)
 50    2:                   PrintableString 'US'
        :                   }
        :                 }
 54   19:               SET {
 56   17:                 SEQUENCE {
 58    3:                   OBJECT IDENTIFIER
        :                     stateOrProvinceName (2 5 4 8)
 63   10:                   UTF8String 'California'
        :                   }
        :                 }
 75   17:               SET {
 77   15:                 SEQUENCE {
 79    3:                   OBJECT IDENTIFIER localityName (2 5 4 7)
 84    8:                   UTF8String 'San Jose'
        :                   }
        :                 }
 94   14:               SET {
 96   12:                 SEQUENCE {
 98    3:                   OBJECT IDENTIFIER
        :                     organizationName (2 5 4 10)
  103    5:                   UTF8String 'sipit'
        :                   }
        :                 }
  110   41:               SET {
  112   39:                 SEQUENCE {
  114    3:                   OBJECT IDENTIFIER
        :                     organizationalUnitName (2 5 4 11)
  119   32:                   UTF8String 'Sipit Test Certificate
                                          Authority'
        :                   }

Jennings, et al. Informational [Page 24] RFC 6216 SIP Secure Call Flows April 2011

        :                 }
        :               }
  153    9:             INTEGER 00 96 A3 84 17 4E EF 8A 4E
        :             }
  164   13:           SEQUENCE {
  166    9:             OBJECT IDENTIFIER
        :               rsaEncryption (1 2 840 113549 1 1 1)
  177    0:             NULL
        :             }
  179  256:           OCTET STRING
        :             49 11 0B 11 52 A9 9D E3 AA FB 86 CB EB 12 CC 8E
        :             96 9D 85 3E 80 D2 7C C4 9B B7 81 4B B5 FA 13 80
        :             6A 6A B2 34 72 D8 C0 82 60 DA B3 43 F8 51 8C 32
        :             8B DD D0 76 6D 9C 46 73 C1 44 A0 10 FF 16 A4 83
        :             74 85 21 74 7D E0 FD 42 C0 97 00 82 A2 80 81 22
        :             9C A2 82 0A 85 F0 68 EF 9A D7 6D 1D 24 2B A9 5E
        :             B3 9A A0 3E A7 D9 1D 1C D7 42 CB 6F A5 81 66 23
        :             28 00 7C 99 6A B6 03 3F 7E F6 48 EA 91 49 35 F1
        :             FD 40 54 5D AC F7 84 EA 3F 27 43 FD DE E2 10 DD
        :             63 C4 35 4A 13 63 0B 6D 0D 9A D5 AB 72 39 69 8C
        :             65 4C 44 C4 A3 31 60 79 B9 A8 A3 A1 03 FD 41 25
        :             12 E5 F3 F8 47 CE 8C 42 D9 26 77 A5 57 AF 1A 95
        :             BF 05 A5 E9 47 F2 D1 AE DC 13 7E 1B 83 5C 8C C4
        :             1F 31 BC 59 E6 FD 6E 9A B0 91 EC 71 A6 7F 28 3E
        :             23 1B 40 E2 C0 60 CF 5E 5B 86 08 06 82 B4 B7 DB
        :             00 DD AC 3A 39 27 E2 7C 96 AD 8A E9 C3 B8 06 5E
        :           }
        :         }
  439  124:       SEQUENCE {
  441    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
  452   29:         SEQUENCE {
  454    9:           OBJECT IDENTIFIER
        :             aes128-CBC (2 16 840 1 101 3 4 1 2)
  465   16:           OCTET STRING
        :             88 9B 13 75 A7 66 14 C3 CF CD C6 FF D2 91 5D A0
        :           }
  483   80:         [0]
        :           80 0B A3 B7 57 89 B4 F4 70 AE 1D 14 A9 35 DD F9
        :           1D 66 29 46 52 40 13 E1 3B 4A 23 E5 EC AB F9 35
        :           A6 B6 A4 BE C0 02 31 06 19 C4 39 22 7D 10 4C 0D
        :           F4 96 04 78 11 85 4E 7E E3 C3 BC B2 DF 55 17 79
        :           5F F2 4E E5 25 42 37 45 39 5D F6 DA 57 9A 4E 0B
        :         }
        :       }
        :     }
        :   }

Jennings, et al. Informational [Page 25] RFC 6216 SIP Secure Call Flows April 2011

 Below is the ASN.1 parsing of "BINARY BLOB 4".
  0  472: SEQUENCE {
  4    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
 15  457:   [0] {
 19  453:     SEQUENCE {
 23    1:       INTEGER 1
 26   11:       SET {
 28    9:         SEQUENCE {
 30    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
 37    0:           NULL
        :           }
        :         }
 39   11:       SEQUENCE {
 41    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
        :         }
 52  420:       SET {
 56  416:         SEQUENCE {
 60    1:           INTEGER 1
 63  125:           SEQUENCE {
 65  112:             SEQUENCE {
 67   11:               SET {
 69    9:                 SEQUENCE {
 71    3:                   OBJECT IDENTIFIER countryName (2 5 4 6)
 76    2:                   PrintableString 'US'
        :                   }
        :                 }
 80   19:               SET {
 82   17:                 SEQUENCE {
 84    3:                   OBJECT IDENTIFIER
        :                     stateOrProvinceName (2 5 4 8)
 89   10:                   UTF8String 'California'
        :                   }
        :                 }
  101   17:               SET {
  103   15:                 SEQUENCE {
  105    3:                   OBJECT IDENTIFIER localityName (2 5 4 7)
  110    8:                   UTF8String 'San Jose'
        :                   }
        :                 }
  120   14:               SET {
  122   12:                 SEQUENCE {
  124    3:                   OBJECT IDENTIFIER
        :                     organizationName (2 5 4 10)
  129    5:                   UTF8String 'sipit'
        :                   }
        :                 }
  136   41:               SET {

Jennings, et al. Informational [Page 26] RFC 6216 SIP Secure Call Flows April 2011

  138   39:                 SEQUENCE {
  140    3:                   OBJECT IDENTIFIER
        :                     organizationalUnitName (2 5 4 11)
  145   32:                   UTF8String 'Sipit Test Certificate
                                          Authority'
        :                   }
        :                 }
        :               }
  179    9:             INTEGER 00 96 A3 84 17 4E EF 8A 4D
        :             }
  190    9:           SEQUENCE {
  192    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
  199    0:             NULL
        :             }
  201   13:           SEQUENCE {
  203    9:             OBJECT IDENTIFIER
        :               rsaEncryption (1 2 840 113549 1 1 1)
  214    0:             NULL
        :             }
  216  256:           OCTET STRING
        :             6E 51 AC 24 2E BA 7C A1 EE 80 A8 55 BC D4 64 5D
        :             E5 29 09 5F B2 AF AA 6F 91 D2 97 79 32 5B AF CA
        :             FE A1 73 FC E5 57 4E C6 3B 67 35 AA E4 78 1E 59
        :             93 EE 67 63 77 1E 7A 82 BC 1E 26 0F 39 75 0C A6
        :             26 92 01 6A B7 5D F0 C0 2C 51 46 FB A7 36 44 E3
        :             64 C6 11 CB 0B 6B FD F3 6D 7C FD 3E AE 2E 91 BB
        :             78 9E F4 1B A1 20 68 B9 DE D3 E3 0C FC F7 14 9A
        :             2C 64 AB 27 52 BD 52 EC 27 88 14 BD DB C3 54 C7
        :             EA 48 DB 07 E9 9B 2E C8 BE 62 A2 76 83 53 37 E8
        :             02 4B D1 86 E9 DF 2E BD 93 39 EC 2F 01 53 A0 7F
        :             1A B9 A6 31 FC E7 91 1C DB 22 4A 67 83 94 B2 4E
        :             28 A9 CD DE 4A 04 6A E0 86 90 7B 58 5F DB 7A 96
        :             96 A0 25 61 C2 58 A2 28 E5 B3 B2 F1 6D 51 06 9C
        :             78 61 0D D8 3A A7 9F A3 B5 87 0B 80 11 C2 A9 1A
        :             E5 17 1C EB 82 55 AB CD 04 E7 D9 5B 11 E8 B7 47
        :             FE FD CC B7 DB 47 6F 77 85 9E 24 D8 11 E1 E4 7D
        :           }
        :         }
        :       }
        :     }
        :   }

5. Observed Interoperability Issues

 This section describes some common interoperability problems.  These
 were observed by the authors at SIPit interoperability events.
 Implementers should be careful to verify that their systems do not
 introduce these common problems, and, when possible, make their

Jennings, et al. Informational [Page 27] RFC 6216 SIP Secure Call Flows April 2011

 clients forgiving in what they receive.  Implementations should take
 extra care to produce reasonable error messages when interacting with
 software that has these problems.
 Some SIP clients incorrectly only do SSLv3 and do not support TLS.
 See Section 26.2.1 of [RFC3261].
 Many SIP clients were found to accept expired certificates with no
 warning or error.  See Section 4.1.2.5 of [RFC5280].
 When used with SIP, TLS and S/MIME provide the identity of the peer
 that a client is communicating with in the Subject Alternative Name
 in the certificate.  The software checks that this name corresponds
 to the identity the server is trying to contact.  Normative text
 describing path validation can be found in Section 7 of [RFC5922] and
 Section 6 of [RFC5280].  If a client is trying to set up a TLS
 connection to good.example.com and it gets a TLS connection set up
 with a server that presents a valid certificate but with the name
 evil.example.com, it will typically generate an error or warning of
 some type.  Similarly with S/MIME, if a user is trying to communicate
 with sip:fluffy@example.com, one of the items in the Subject
 Alternate Name set in the certificate will need to match according to
 the certificate validation rules in Section 23 of [RFC3261] and
 Section 6 of [RFC5280].
 Some implementations used binary MIME encodings while others used
 base64.  It is advisable that implementations send only binary and
 are prepared to receive either.  See Section 3.2 of [RFC5621].
 In several places in this document, the messages contain the encoding
 for the SHA-1 digest algorithm identifier.  The preferred form for
 encoding as set out in Section 2 of [RFC3370] is the form in which
 the optional AlgorithmIdentifier parameter field is omitted.
 However, [RFC3370] also says the recipients need to be able to
 receive the form in which the AlgorithmIdentifier parameter field is
 present and set to NULL.  Examples of the form using NULL can be
 found in Section 4.2 of [RFC4134].  Receivers really do need to be
 able to receive the form that includes the NULL because the NULL
 form, while not preferred, is what was observed as being generated by
 most implementations.  Implementers should also note that if the
 algorithm is MD5 instead of SHA-1, then the form that omits the
 AlgorithmIdentifier parameters field is not allowed and the sender
 has to use the form where the NULL is included.
 The preferred encryption algorithm for S/MIME in SIP is AES as
 defined in [RFC3853].

Jennings, et al. Informational [Page 28] RFC 6216 SIP Secure Call Flows April 2011

 Observed S/MIME interoperability has been better when UAs did not
 attach the senders' certificates.  Attaching the certificates
 significantly increases the size of the messages, which should be
 considered when sending over UDP.  Furthermore, the receiver cannot
 rely on the sender to always send the certificate, so it does not
 turn out to be useful in most situations.
 Please note that the certificate path validation algorithm described
 in Section 6 of [RFC5280] is a complex algorithm for which all of the
 details matter.  There are numerous ways in which failing to
 precisely implement the algorithm as specified in Section 6 of
 [RFC5280] can create a security flaw, a simple example of which is
 the failure to check the expiration date that is already mentioned
 above.  It is important for developers to ensure that this validation
 is performed and that the results are verified by their applications
 or any libraries that they use.

6. Additional Test Scenarios

 This section provides a non-exhaustive list of tests that
 implementations should perform while developing systems that use
 S/MIME and TLS for SIP.
 Much of the required behavior for inspecting certificates when using
 S/MIME and TLS with SIP is currently underspecified.  The non-
 normative recommendations in this document capture the current
 folklore around that required behavior, guided by both related
 normative works such as [RFC4474] (particularly, Section 13.4 Domain
 Names and Subordination) and informative works such as [RFC2818],
 Section 3.1.  To summarize, test plans should:
 o  For S/MIME secured bodies, ensure that the peer's URI (address-of-
    record, as per [RFC3261], Section 23.3) appears in the
    subjectAltName of the peer's certificate as a
    uniformResourceIdentifier field.
 o  For TLS, ensure that the peer's hostname appears as described in
    [RFC5922].  Also:
  • ensure an exact match in a dNSName entry in the subjectAltName

if there are any dNSNames in the subjectAltName. Wildcard

       matching is not allowed against these dNSName entries.  See
       Section 7.1 of [RFC5922].
  • ensure that the most specific CommonName in the Subject field

matches if there are no dNSName entries in the subjectAltName

       at all (which is not the same as there being no matching

Jennings, et al. Informational [Page 29] RFC 6216 SIP Secure Call Flows April 2011

       dNSName entries).  This match can be either exact, or against
       an entry that uses the wildcard matching character '*'.
    The peer's hostname is discovered from the initial DNS query in
    the server location process [RFC3263].
 o  IP addresses can appear in subjectAltName ([RFC5280]) of the
    peer's certificate, e.g., "IP:192.168.0.1".  Note that if IP
    addresses are used in subjectAltName, there are important
    ramifications regarding the use of Record-Route headers that also
    need to be considered.  See Section 7.5 of [RFC5922].  Use of IP
    addresses instead of domain names is inadvisable.
 For each of these tests, an implementation will proceed past the
 verification point only if the certificate is "good".  S/MIME
 protected requests presenting bad certificate data will be rejected.
 S/MIME protected responses presenting bad certificate information
 will be ignored.  TLS connections involving bad certificate data will
 not be completed.
 1.   S/MIME : Good peer certificate
 2.   S/MIME : Bad peer certificate (peer URI does not appear in
      subjectAltName)
 3.   S/MIME : Bad peer certificate (valid authority chain does not
      end at a trusted CA)
 4.   S/MIME : Bad peer certificate (incomplete authority chain)
 5.   S/MIME : Bad peer certificate (the current time does not fall
      within the period of validity)
 6.   S/MIME : Bad peer certificate (certificate, or certificate in
      authority chain, has been revoked)
 7.   S/MIME : Bad peer certificate ("Digital Signature" is not
      specified as an X509v3 Key Usage)
 8.   TLS : Good peer certificate (hostname appears in dNSName in
      subjectAltName)
 9.   TLS : Good peer certificate (no dNSNames in subjectAltName,
      hostname appears in Common Name (CN) of Subject)

Jennings, et al. Informational [Page 30] RFC 6216 SIP Secure Call Flows April 2011

 10.  TLS : Good peer certificate (CN of Subject empty, and
      subjectAltName extension contains an iPAddress stored in the
      octet string in network byte order form as specified in RFC 791
      [RFC0791])
 11.  TLS : Bad peer certificate (no match in dNSNames or in the
      Subject CN)
 12.  TLS : Bad peer certificate (valid authority chain does not end
      at a trusted CA)
 13.  TLS : Bad peer certificate (incomplete authority chain)
 14.  TLS : Bad peer certificate (the current time does not fall
      within the period of validity)
 15.  TLS : Bad peer certificate (certificate, or certificate in
      authority chain, has been revoked)
 16.  TLS : Bad peer certificate ("TLS Web Server Authentication" is
      not specified as an X509v3 Key Usage)
 17.  TLS : Bad peer certificate (Neither "SIP Domain" nor "Any
      Extended Key Usage" specified as an X509v3 Extended Key Usage,
      and X509v3 Extended Key Usage is present)

7. Acknowledgments

 Many thanks to the developers of all the open source software used to
 create these call flows.  This includes the underlying crypto and TLS
 software used from openssl.org, the SIP stack from
 www.resiprocate.org, and the SIP for Instant Messaging and Presence
 Leveraging Extensions (SIMPLE) Instant Messaging and Presence
 Protocol (IMPP) agent from www.sipimp.org.  The TLS flow dumps were
 done with SSLDump from http://www.rtfm.com/ssldump.  The book "SSL
 and TLS" [EKR-TLS] was a huge help in developing the code for these
 flows.  It's sad there is no second edition.
 Thanks to Jim Schaad, Russ Housley, Eric Rescorla, Dan Wing, Tat
 Chan, and Lyndsay Campbell, who all helped find and correct mistakes
 in this document.
 Vijay Gurbani and Alan Jeffrey contributed much of the additional
 test scenario content.

Jennings, et al. Informational [Page 31] RFC 6216 SIP Secure Call Flows April 2011

8. Security Considerations

 Implementers must never use any of the certificates provided in this
 document in anything but a test environment.  Installing the CA root
 certificates used in this document as a trusted root in operational
 software would completely destroy the security of the system while
 giving the user the impression that the system was operating
 securely.
 This document recommends some things that implementers might test or
 verify to improve the security of their implementations.  It is
 impossible to make a comprehensive list of these, and this document
 only suggests some of the most common mistakes that have been seen at
 the SIPit interoperability events.  Just because an implementation
 does everything this document recommends does not make it secure.
 This document does not show any messages to check certificate
 revocation status (see Sections 3.3 and 6.3 of [RFC5280]) as that is
 not part of the SIP call flow.  The expectation is that revocation
 status is checked regularly to protect against the possibility of
 certificate compromise or repudiation.  For more information on how
 certificate revocation status can be checked, see [RFC2560] (Online
 Certificate Status Protocol) and [RFC5055] (Server-Based Certificate
 Validation Protocol).

9. References

9.1. Normative References

 [RFC0791]          Postel, J., "Internet Protocol", STD 5, RFC 791,
                    September 1981.
 [RFC2560]          Myers, M., Ankney, R., Malpani, A., Galperin, S.,
                    and C. Adams, "X.509 Internet Public Key
                    Infrastructure Online Certificate Status Protocol
                    - OCSP", RFC 2560, June 1999.
 [RFC3261]          Rosenberg, J., Schulzrinne, H., Camarillo, G.,
                    Johnston, A., Peterson, J., Sparks, R., Handley,
                    M., and E. Schooler, "SIP: Session Initiation
                    Protocol", RFC 3261, June 2002.
 [RFC3263]          Rosenberg, J. and H. Schulzrinne, "Session
                    Initiation Protocol (SIP): Locating SIP Servers",
                    RFC 3263, June 2002.
 [RFC3370]          Housley, R., "Cryptographic Message Syntax (CMS)
                    Algorithms", RFC 3370, August 2002.

Jennings, et al. Informational [Page 32] RFC 6216 SIP Secure Call Flows April 2011

 [RFC3428]          Campbell, B., Rosenberg, J., Schulzrinne, H.,
                    Huitema, C., and D. Gurle, "Session Initiation
                    Protocol (SIP) Extension for Instant Messaging",
                    RFC 3428, December 2002.
 [RFC3853]          Peterson, J., "S/MIME Advanced Encryption Standard
                    (AES) Requirement for the Session Initiation
                    Protocol (SIP)", RFC 3853, July 2004.
 [RFC4474]          Peterson, J. and C. Jennings, "Enhancements for
                    Authenticated Identity Management in the Session
                    Initiation Protocol (SIP)", RFC 4474, August 2006.
 [RFC5055]          Freeman, T., Housley, R., Malpani, A., Cooper, D.,
                    and W. Polk, "Server-Based Certificate Validation
                    Protocol (SCVP)", RFC 5055, December 2007.
 [RFC5246]          Dierks, T. and E. Rescorla, "The Transport Layer
                    Security (TLS) Protocol Version 1.2", RFC 5246,
                    August 2008.
 [RFC5280]          Cooper, D., Santesson, S., Farrell, S., Boeyen,
                    S., Housley, R., and W. Polk, "Internet X.509
                    Public Key Infrastructure Certificate and
                    Certificate Revocation List (CRL) Profile",
                    RFC 5280, May 2008.
 [RFC5621]          Camarillo, G., "Message Body Handling in the
                    Session Initiation Protocol (SIP)", RFC 5621,
                    September 2009.
 [RFC5652]          Housley, R., "Cryptographic Message Syntax (CMS)",
                    STD 70, RFC 5652, September 2009.
 [RFC5751]          Ramsdell, B. and S. Turner, "Secure/Multipurpose
                    Internet Mail Extensions (S/MIME) Version 3.2
                    Message Specification", RFC 5751, January 2010.
 [RFC5922]          Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain
                    Certificates in the Session Initiation Protocol
                    (SIP)", RFC 5922, June 2010.
 [RFC5923]          Gurbani, V., Mahy, R., and B. Tate, "Connection
                    Reuse in the Session Initiation Protocol (SIP)",
                    RFC 5923, June 2010.

Jennings, et al. Informational [Page 33] RFC 6216 SIP Secure Call Flows April 2011

 [RFC5924]          Lawrence, S. and V. Gurbani, "Extended Key Usage
                    (EKU) for Session Initiation Protocol (SIP) X.509
                    Certificates", RFC 5924, June 2010.
 [X.509]            International Telecommunications Union,
                    "Information technology - Open Systems
                    Interconnection - The Directory: Public-key and
                    attribute certificate frameworks",
                    ITU-T Recommendation X.509 (2005), ISO/
                    IEC 9594-8:2005.
 [X.683]            International Telecommunications Union,
                    "Information technology - Abstract Syntax Notation
                    One (ASN.1): Parameterization of ASN.1
                    specifications", ITU-T Recommendation X.683
                    (2002), ISO/IEC 8824-4:2002, 2002.

9.2. Informative References

 [EKR-TLS]          Rescorla, E., "SSL and TLS - Designing and
                    Building Secure Systems", Addison-Wesley, ISBN
                    0-201-61598-3, 2001.
 [RFC2818]          Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.
 [RFC4134]          Hoffman, P., "Examples of S/MIME Messages",
                    RFC 4134, July 2005.
 [RFC4475]          Sparks, R., Hawrylyshen, A., Johnston, A.,
                    Rosenberg, J., and H. Schulzrinne, "Session
                    Initiation Protocol (SIP) Torture Test Messages",
                    RFC 4475, May 2006.
 [RFC4514]          Zeilenga, K., "Lightweight Directory Access
                    Protocol (LDAP): String Representation of
                    Distinguished Names", RFC 4514, June 2006.
 [ssldump-manpage]  Rescorla, E., "SSLDump manpage",
                    <http://www.rtfm.com/ssldump/Ssldump.html>.

Jennings, et al. Informational [Page 34] RFC 6216 SIP Secure Call Flows April 2011

Appendix A. Making Test Certificates

 These scripts allow you to make certificates for test purposes.  The
 certificates will all share a common CA root so that everyone running
 these scripts can have interoperable certificates.  WARNING - these
 certificates are totally insecure and are for test purposes only.
 All the CAs created by this script share the same private key to
 facilitate interoperability testing, but this totally breaks the
 security since the private key of the CA is well known.
 The instructions assume a Unix-like environment with openssl
 installed, but openssl does work in Windows too.  OpenSSL version
 0.9.8j was used to generate the certificates used in this document.
 Make sure you have openssl installed by trying to run "openssl".  Run
 the makeCA script found in Appendix A.1; this creates a subdirectory
 called demoCA.  If the makeCA script cannot find where your openssl
 is installed you will have to set an environment variable called
 OPENSSLDIR to whatever directory contains the file openssl.cnf.  You
 can find this with a "locate openssl.cnf".  You are now ready to make
 certificates.
 To create certificates for use with TLS, run the makeCert script
 found in Appendix A.2 with the fully qualified domain name of the
 proxy you are making the certificate for, e.g., "makeCert
 host.example.net domain eku".  This will generate a private key and a
 certificate.  The private key will be left in a file named
 domain_key_example.net.pem in Privacy Enhanced Mail (PEM) format.
 The certificate will be in domain_cert_example.net.pem.  Some
 programs expect both the certificate and private key combined
 together in a Public-Key Cryptography Standards (PKCS) #12 format
 file.  This is created by the script and left in a file named
 example.net.p12.  Some programs expect this file to have a .pfx
 extension instead of .p12 -- just rename the file if needed.  A file
 with a certificate signing request, called example.net.csr, is also
 created and can be used to get the certificate signed by another CA.
 A second argument indicating the number of days for which the
 certificate should be valid can be passed to the makeCert script.  It
 is possible to make an expired certificate using the command
 "makeCert host.example.net 0".
 Anywhere that a password is used to protect a certificate, the
 password is set to the string "password".
 The root certificate for the CA is in the file
 root_cert_fluffyCA.pem.

Jennings, et al. Informational [Page 35] RFC 6216 SIP Secure Call Flows April 2011

 For things that need DER format certificates, a certificate can be
 converted from PEM to DER with "openssl x509 -in cert.pem -inform PEM
 -out cert.der -outform DER".
 Some programs expect certificates in PKCS #7 format (with a file
 extension of .p7c).  You can convert these from PEM format to PKCS #7
 with "openssl crl2pkcs7 -nocrl -certfile cert.pem -certfile demoCA/
 cacert.pem -outform DER -out cert.p7c".
 IE (version 8), Outlook Express (version 6), and Firefox (version
 3.5) can import and export .p12 files and .p7c files.  You can
 convert a PKCS #7 certificate to PEM format with "openssl pkcs7 -in
 cert.p7c -inform DER -outform PEM -out cert.pem".
 The private key can be converted to PKCS #8 format with "openssl
 pkcs8 -in a_key.pem -topk8 -outform DER -out a_key.p8c".
 In general, a TLS client will just need the root certificate of the
 CA.  A TLS server will need its private key and its certificate.
 These could be in two PEM files, a single file with both certificate
 and private key PEM sections, or a single .p12 file.  An S/MIME
 program will need its private key and certificate, the root
 certificate of the CA, and the certificate for every other user it
 communicates with.

A.1. makeCA script

 #!/bin/sh
 set -x
 rm -rf demoCA
 mkdir demoCA
 mkdir demoCA/certs
 mkdir demoCA/crl
 mkdir demoCA/newcerts
 mkdir demoCA/private
 # This is done to generate the exact serial number used for the RFC
 echo "4902110184015C" > demoCA/serial
 touch demoCA/index.txt
 # You may need to modify this for where your default file is
 # you can find where yours in by typing "openssl ca"
 for D in /etc/ssl /usr/local/ssl /sw/etc/ssl /sw/share/ssl; do
   CONF=${OPENSSLDIR:=$D}/openssl.cnf
   [ -f ${CONF} ] && break
 done

Jennings, et al. Informational [Page 36] RFC 6216 SIP Secure Call Flows April 2011

 CONF=${OPENSSLDIR}/openssl.cnf
 if [ ! -f $CONF  ]; then
     echo "Can not find file $CONF - set your OPENSSLDIR variable"
     exit
 fi
 cp $CONF openssl.cnf
 cat >> openssl.cnf  <<EOF
 [ sipdomain_cert ]
 subjectAltName=\${ENV::ALTNAME}
 basicConstraints=CA:FALSE
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
 keyUsage = nonRepudiation,digitalSignature,keyEncipherment
 extendedKeyUsage=serverAuth,1.3.6.1.5.5.7.3.20
 [ sipdomain_req ]
 basicConstraints = CA:FALSE
 subjectAltName=\${ENV::ALTNAME}
 subjectKeyIdentifier=hash
 [ sipuser_cert ]
 subjectAltName=\${ENV::ALTNAME}
 basicConstraints=CA:FALSE
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
 keyUsage = nonRepudiation,digitalSignature,keyEncipherment
 extendedKeyUsage=emailProtection,1.3.6.1.5.5.7.3.20
 [ sipuser_req ]
 basicConstraints = CA:FALSE
 subjectAltName=\${ENV::ALTNAME}
 subjectKeyIdentifier=hash
 [ sipdomain_noeku_cert ]
 subjectAltName=\${ENV::ALTNAME}
 basicConstraints=CA:FALSE
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
 keyUsage = nonRepudiation,digitalSignature,keyEncipherment
 [ sipdomain_noeku_req ]
 basicConstraints = CA:FALSE
 subjectAltName=\${ENV::ALTNAME}
 subjectKeyIdentifier=hash

Jennings, et al. Informational [Page 37] RFC 6216 SIP Secure Call Flows April 2011

 [ sipuser_noeku_cert ]
 subjectAltName=\${ENV::ALTNAME}
 basicConstraints=CA:FALSE
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
 keyUsage = nonRepudiation,digitalSignature,keyEncipherment
 [ sipuser_noeku_req ]
 basicConstraints = CA:FALSE
 subjectAltName=\${ENV::ALTNAME}
 subjectKeyIdentifier=hash
 EOF
 cat > demoCA/private/cakey.pem <<EOF
 -----BEGIN ENCRYPTED PRIVATE KEY-----
 MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIlwtc771DlNUCAggA
 MBQGCCqGSIb3DQMHBAhRD3Z1i2TavwSCBMgXoXo0H/dTplHwnqfW7Uh1dr776z7B
 lsNxlenMA6lYmALF/4E1tqOE2/aEbr8W3wTVjNpew9r5TBsbA1I9/FMMe+USc1ra
 5pIdDLx7ynzHvxcUWJ1xbWGeLcEmXGOvzkwW/oOg49Yq1ce1GtlLSV2L7Wi93TUQ
 Q8i5l0X0xjx7cB7kaHTOTyaN0sxUE3qlQ2sXTbbHWUfIaNpEZUI5ITrDUflfMnxb
 RogQGv+5owsM7zwzfyGz3QocM9WaZwKFOEOqBvEfGaaZ9ml+cn1Rz/1Id7tSBlRH
 3ucN2mGdEVIUvzSACZ9LPuIO7WBGM56enDRsqZji4WfqDHdXa4gkJKqPEJeBnLVA
 jxCmLJSyikM25kHDm8LWuOckO/Rk+7999h13Qv1Ynm7yCincorqdlTrAdmq1Z8Tj
 QPgXioTlx6++6yxiDCV7Mwkydox31K9y/Tf2cZ//dWuf/lfMaaq8HfpSNl4RKqsz
 ufL41K5sCzPRIugUdooUQSGPC0JgcskPcifT6zvrI62KLPFVrwG5HT9PdevQvC6O
 VgglxbEGJ7I4vllzmY62/0LtQKIA6bh8pszvvmHjGo9s+f+p7KJVYygEHNEmRTm+
 8M2owk67033sV6IClDOAdRL8siTHmcmM+r1x9VVIppsDrzjqQqYVGYBbjEJW8eQp
 t7kAjuN48tDD1mS8E6DstPv/6S0AjzAqCbjkuPJ0WU5fD1cY+iTpo9vcunohcj+i
 KVXsM34wOsBpMBjFQ+Aww5bsIkEV1liOYLav1F7/BvP2s0gc3puM5W35y1cbKLu2
 ThJV7mIWoV770aQYpJba0UAk9OzBVEvPNahrDI1NucbEkFrhN2pfnOs7k4UvrjiK
 uknKrm3gocDOdstyMZX81Beyj06NhpcJH+bOSvROk/d68aAsapy6qS9hLijNNbcd
 itQ/fo+1o9MDujT/huj7ZFqdzNM3KA6vxf0kmmVM+GJbYke+cjXk6WB80lF9lYcB
 0pWPd+fgwFL252FUoFcjvUWFXkvbR1+IMkv6sNdKcXHHazAE6nl6yPl9bVwCaS1I
 WNqEfHntblNZbeW+3qH8ov1ZXVCqEmaHkajSAhFJKXCgpSXaIx2FSntzpVFbRpnw
 Yd9eml9xwgE3l9aRuvR6p61fd051LzCh7KjvorV1CemPUT6YRBamFNCBoT7cqjhE
 kqMQfowKkMEY0p2dzMnGzsSPKk10nI53RgPyD/8FT5dPuq073SyjxTKhAbvl+kVl
 lrfZ6b7P/UKwLBCT3bLG6uU/Es84euWN+U2JXIADPoCcVeWrUqkf4j368c2Z8Zdd
 A27X4ZJ+q+YfsFNiOA7vshHi3Am3gBzQhEEGsRdzgkf8qmtlRGhq/823GEexoUfu
 8SiOOjoU08HGAkTtPWjV5+0C6Q6RW9SmNMwz7msZHoKTQ8kz2LKXUwb6DBwWcw6/
 UTUgzVXqhA8HmjsnVe9ftDKL66v9zlp4RVRdDzm4TYUybYh5uigFbjJFLlnJnJho
 TcnusHO80Cxgs64khLRzM46Oi+JSEPv7o7zHcfWNOVtNW908EKCubtEDZtnQn9VC
 0Sky9R/WzunaLlG3LZ3BRUhWpyyvdNxlNq3ie4tcRMlXIEe14UZN0sPCKZY//NEn
 BEc=
 -----END ENCRYPTED PRIVATE KEY-----
 EOF

Jennings, et al. Informational [Page 38] RFC 6216 SIP Secure Call Flows April 2011

 cat > demoCA/cacert.pem <<EOF
 -----BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIJAJajhBdO74pMMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDEyNzE4MzYwNVoYDzIxMTEwMTAzMTgzNjA1WjBwMQsw
 CQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpv
 c2UxDjAMBgNVBAoMBXNpcGl0MSkwJwYDVQQLDCBTaXBpdCBUZXN0IENlcnRpZmlj
 YXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKsf
 kWHxHMXNpnsWm7cUeeQwnpjQ7Ae3vXfX0fVbLOLu5rGw8IX6pbzLzM9pLE/8UO+d
 MSvAWer7ZG8fVac9/XDSVtsUmReScKwm+DRBcNnAA5FqutERj6wSMd65GXCNXad9
 ixnMQD+u/94f25SzRndsrq7/PtaEW8LeCyZl0JHHcEvHCkq/x5cE3bpYR8vgKyN2
 h2XFVTQQqycfHPgwPbCbyqKBcky9YP73If4L2wvb6VsBNtQoFWt569CRGyFZuA6q
 v9WxbHA3oz+lfQ6VRvb2WGeDdUI3GAukQTmyL2yALHjspQ++nBD4wAsNc5meDdeX
 UMvMRTQjSUGFIiStKcMCAwEAAaNQME4wHQYDVR0OBBYEFJVFfl8r6mWYEpEE82PH
 aJpYFncnMB8GA1UdIwQYMBaAFJVFfl8r6mWYEpEE82PHaJpYFncnMAwGA1UdEwQF
 MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAZfnq6gmry1uVt+lzPM32OYmJTLDWap
 g+iqWCpZoZ5HMaavXD+iJYb43wWSt9tpoWlyh2bFqzWJATcZyXTrCdE/iHskE0LK
 LftF5sxL+CF48/WX7AmSJKLw5pSNl0oAlAC9JbgXLFJTXcxcSKShHS32UFUTpNOy
 ovTxuW1IXlzz3uD8WQmh2RRhZb/YP7m6LnztXCSba8qqX/HBHrCo2oIP+0xxO017
 OMjjiioZNEQmC+rwRzhGKGUE4gFS3ew95fVTdHd0dW3G2cIKrDu4mFxVUzR0Uqgm
 sS8wItCLt/Og3WgHM9Wut4GylFhyTnzGci+9bGn7tReoKo3XLJEGyAw=
 -----END CERTIFICATE-----
 EOF
 # uncomment the following lines to generate your own key pair
 # openssl req -newkey rsa:2048 -passin pass:password \
 #     -passout pass:password -set_serial 0x96a384174eef8a4c \
 #     -sha1 -x509 -keyout demoCA/private/cakey.pem \
 #     -out demoCA/cacert.pem -days 36500 -config ${CONF} <<EOF
 # US
 # California
 # San Jose
 # sipit
 # Sipit Test Certificate Authority
 #
 #
 # EOF
 # either randomly generate a serial number, or set it manually
 # hexdump -n 4 -e '4/1 "%04u"' /dev/random > demoCA/serial
 echo 96a384174eef8a4d > demoCA/serial

Jennings, et al. Informational [Page 39] RFC 6216 SIP Secure Call Flows April 2011

 openssl crl2pkcs7 -nocrl -certfile demoCA/cacert.pem \
         -outform DER -out demoCA/cacert.p7c
 cp demoCA/cacert.pem root_cert_fluffyCA.pem

A.2. makeCert script

#!/bin/sh
set -x
# Make a symbolic link to this file called "makeUserCert"
# if you wish to use it to make certs for users.
# ExecName=$(basename $0)
#
# if [ ${ExecName} == "makeUserCert" ]; then
#   ExtPrefix="sipuser"
# elif [ ${ExecName} == "makeEkuUserCert" ]; then
#   ExtPrefix="sipuser_eku"
# elif [ ${ExecName} == "makeEkuCert" ]; then
#   ExtPrefix="sipdomain_eku"
# else
#   ExtPrefix="sipdomain"
# fi
if [  $# == 3  ]; then
  DAYS=36500
elif [ $# == 4 ]; then
  DAYS=$4
else
  echo "Usage: makeCert test.example.org user|domain eku|noeku [days]"
  echo "       makeCert alice@example.org [days]"
  echo "days is how long the certificate is valid"
  echo "days set to 0 generates an invalid certificate"
  exit 0
fi
ExtPrefix="sip"${2}
if [ $3 == "noeku" ]; then
  ExtPrefix=${ExtPrefix}"_noeku"
fi
DOMAIN=`echo $1 | perl -ne '{print "$1\n" if (/(\w+\..*)$/)}'   `
USER=`echo $1 | perl -ne '{print "$1\n" if (/(\w+)\@(\w+\..*)$/)}'   `
ADDR=$1
echo "making cert for $DOMAIN ${ADDR}"

Jennings, et al. Informational [Page 40] RFC 6216 SIP Secure Call Flows April 2011

if [ $2 == "user" ]; then
  CNVALUE=$USER
else
  CNVALUE=$DOMAIN
fi
rm -f ${ADDR}_*.pem
rm -f ${ADDR}.p12
case ${ADDR} in
*:*) ALTNAME="URI:${ADDR}" ;;
*@*) ALTNAME="URI:sip:${ADDR},URI:im:${ADDR},URI:pres:${ADDR}" ;;
*)   ALTNAME="DNS:${DOMAIN},URI:sip:${ADDR}" ;;
esac
rm -f demoCA/index.txt
touch demoCA/index.txt
rm -f demoCA/newcerts/*
export ALTNAME
openssl genrsa  -out ${ADDR}_key.pem 2048
openssl req -new  -config openssl.cnf -reqexts ${ExtPrefix}_req \
        -sha1 -key ${ADDR}_key.pem \
        -out ${ADDR}.csr -days ${DAYS} <<EOF
US
California
San Jose
sipit
${CNVALUE}
EOF
if [ $DAYS == 0 ]; then
openssl ca -extensions ${ExtPrefix}_cert -config openssl.cnf \
    -passin pass:password -policy policy_anything \
    -md sha1 -batch -notext -out ${ADDR}_cert.pem \
    -startdate 990101000000Z \
    -enddate 000101000000Z \
     -infiles ${ADDR}.csr
else
openssl ca -extensions ${ExtPrefix}_cert -config openssl.cnf \
    -passin pass:password -policy policy_anything \
    -md sha1 -days ${DAYS} -batch -notext -out ${ADDR}_cert.pem \
     -infiles ${ADDR}.csr
fi

Jennings, et al. Informational [Page 41] RFC 6216 SIP Secure Call Flows April 2011

openssl pkcs12 -passin pass:password \
    -passout pass:password -export \
    -out ${ADDR}.p12 -in ${ADDR}_cert.pem \
    -inkey ${ADDR}_key.pem -name ${ADDR} -certfile demoCA/cacert.pem
openssl x509 -in ${ADDR}_cert.pem -noout -text
case ${ADDR} in
*@*) mv ${ADDR}_key.pem user_key_${ADDR}.pem; \
     mv ${ADDR}_cert.pem user_cert_${ADDR}.pem ;;
*)   mv ${ADDR}_key.pem domain_key_${ADDR}.pem; \
     mv ${ADDR}_cert.pem domain_cert_${ADDR}.pem ;;
esac

Appendix B. Certificates for Testing

 This section contains various certificates used for testing in PEM
 format.

B.1. Certificates Using EKU

 These certificates make use of the EKU specification described in
 [RFC5924].

Jennings, et al. Informational [Page 42] RFC 6216 SIP Secure Call Flows April 2011

 Fluffy's user certificate for example.com:
  1. —-BEGIN CERTIFICATE—–

MIIEGTCCAwGgAwIBAgIJAJajhBdO74pNMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxN1oYDzIxMTEwMTE0MTkzMjE3WjBWMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MQ8wDQYDVQQDEwZmbHVmZnkwggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQCjLFkM6bzk7NOe+5kC7LE2OrfTHU3DOrauUL1f
 VQh3jH6k6fBoMSiPIzJWGcMil6dt/aciKgG1r2G9X37BFOWYKbQ0TjiKJu4N2tsn
 uXjWrKwEeDKYwnXnarctszzj65el74tZQlAXe/6nga83p+fjH7CN0HIvbBRCxgFo
 4Y/9Vk19zxbcqgVhCwrKyuxR7FNuPSsAgP41GwYKYROIC0TzzP0rDrSiC6CXhBQu
 7ivjL8EanoaaeGqiTFeT5wEm01YNvbAv+NrHPAHcyy0xjGzGXLRj6LKiQBG/rfht
 EgGXHUf4ahWL+yeWc0RGNNckHM9WjdS+1pRb8KZn493PtPLVAgMBAAGjgc0wgcow
 UQYDVR0RBEowSIYWc2lwOmZsdWZmeUBleGFtcGxlLmNvbYYVaW06Zmx1ZmZ5QGV4
 YW1wbGUuY29thhdwcmVzOmZsdWZmeUBleGFtcGxlLmNvbTAJBgNVHRMEAjAAMB0G
 A1UdDgQWBBSFlwm401U3JIrc3uORcuQiz5iHUjAfBgNVHSMEGDAWgBSVRX5fK+pl
 mBKRBPNjx2iaWBZ3JzALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQG
 CCsGAQUFBwMUMA0GCSqGSIb3DQEBBQUAA4IBAQCoqY/YiguI7f9Pv+XNj557uOby
 LKrjI1uacV79IKPd2dPB8ujwvnfbM8yKe0+RK43W9xTDjeBg0zRQvL5nIs31dHv0
 mmiiUiuBL0bTCZ8lwyDoENXvOHvRF9Tx11RnVvETzy/8i4P8FOcBglmDzLGN8Mfa
 TrHczFTPbDtHR1mH2Rbsr6/hEhMjHgrb9bX/XasVDuMlkQAOkNvYBxGQgQE6SKiq
 nrBi0zbwDLcvpxeSUjYpFArWZYZnc3RuqjzuRzgeyG4GgYUcLvC2BH1sONuBnLgH
 4we+9S8JaGMEa4cONrmho/vIMAygY41tqwr4RLB4GRo4fvpqodRLS3V1v28J
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 43] RFC 6216 SIP Secure Call Flows April 2011

 Fluffy's private key for user certificate for example.com:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpQIBAAKCAQEAoyxZDOm85OzTnvuZAuyxNjq30x1Nwzq2rlC9X1UId4x+pOnw

 aDEojyMyVhnDIpenbf2nIioBta9hvV9+wRTlmCm0NE44iibuDdrbJ7l41qysBHgy
 mMJ152q3LbM84+uXpe+LWUJQF3v+p4GvN6fn4x+wjdByL2wUQsYBaOGP/VZNfc8W
 3KoFYQsKysrsUexTbj0rAID+NRsGCmETiAtE88z9Kw60ogugl4QULu4r4y/BGp6G
 mnhqokxXk+cBJtNWDb2wL/jaxzwB3MstMYxsxly0Y+iyokARv634bRIBlx1H+GoV
 i/snlnNERjTXJBzPVo3UvtaUW/CmZ+Pdz7Ty1QIDAQABAoIBAH+bSvjiQir1WnnW
 YM78s4mpWeDr5chrvjmMQsyu/zQe11u4551T9FgcOl1DQGtpFjLaTz5Ug4nGYjVq
 3QG6ieL5mkfddDH2R+zl3sWuMmYQG2ZTaZ41VWdo+V/v8Ap+T9YhA2UGiwQSoA/3
 R0PLN3lTaws8nE+hwiaGGsweujBvcaIJu4RQrGHRHaeEplU+tfjcHHElfzUAmKyM
 cMgF8IpdUcA1pyHe3Pyc0oGnLyEVnv291xGWQfWT7nqf7K0QDLA6+TvbG3fGEYIw
 WK4DMraUbZ66Jlnj1XfADoxWOTsygV+KYhZcbwjBWAUSOSduAtfwa6b72OnWd28J
 8KYvrXECgYEA1eCJZZSavxhlfxqsWC/WdQ8S3SimI62KSLrN3bI0RO/60KiU2ap3
 16ZhNLq8t3DjpkWiZrukixs2odsU7k3z6q+qm++P0TUwL7z3Bri0FimqUeVSYgAf
 ZmFgGz7wLAM29zhv0hTZjGrrwMlNSyJ2tjyqpiO1XqkbdBpPBxKPrdcCgYEAw09f
 4M2QKQBFzjecPeQpwJqnh8cuoHS+2CNLYGjlmjd/zAUgVF2+WPA1R1DmjAqJ9iwh
 15Yx3CbknpKbfhfilmHkcGyA+fjQaisq/NzN3Ya0FP9Waht0FoBsAHt9X5xFwXH6
 YBKUrqoPF5DAy427EL1nsIRa+LtoPaTdqpphFzMCgYEAlgSOO0s2FA43uyTpeF3t
 rmQpVilaB7KFSaiGGBgUY7p0koF9DwRsVT4l9sd48a7kb09ur2K08sHe2z8BenoB
 Oj+HiyNJHHSTXRjNqNBLuTP2fMU+uPDfFX/92n6WFjkXB+d1P8VSJxUkUjCg36/H
 1uHMzQZFBKXXVOPTROG3GDcCgYEAoPFmq8QZOIA+BbnzqVi8QzfuN8geFyE9JrSm
 55JpKdT0HbZXts3tDjMbZGI5KUuB9nbViGb/PVBbcoSTV6vtD0kpyq7O9a5gaCyc
 ZvS5PARFn0vt9NAcsHIxDZC1drU7EjaPQN3u4aPHff7NsK9haGD78gyPPoqIUsvp
 0i0XNtsCgYEAxIUikI+5wXIrnC1FUt0gt6+4T0zc7qEO0EpQRtktZ/1saNXEhA6N
 EUqWLJMOnClhp72V5IvXsKgjxU8VpgIZeHIIt5jZb8XMmBiSQxiVTf6rp3s8PqlM
 EtXfh7TdJzKuRP7d0g2uG4boJMFf590nqNjrxj9VeSxEWUrSK3YG/h8=
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 44] RFC 6216 SIP Secure Call Flows April 2011

 Kumiko's user certificate for example.net:
  1. —-BEGIN CERTIFICATE—–

MIIEGTCCAwGgAwIBAgIJAJajhBdO74pOMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxN1oYDzIxMTEwMTE0MTkzMjE3WjBWMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MQ8wDQYDVQQDEwZrdW1pa28wggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQDL5odVdA3gFf/MuGIqbMY8Kl7g7kUfexWkpXbT
 ptxlxf2D8hzUX8/PUn2XXcTbP019DqA+MkMiX4NNGpDZyeoIrcquKUXK7UQlRoKy
 Q6Va11DijHTqdPTWFIrRhbRUhPjj0WvG1AFPYRRG/IZfRQcH8Aw1w8XSp614m1mY
 9XwL5LuHNimAgjADHMrSk1obmHws0thU9nV0t1UG1SA1lA32JZX81bqKDg3Tq1Ho
 fsKU3GwoBZG507lVG5bcV2ByA5HnCFpFeDTDYE23197USLhqRtIqrxxr64SFo9Dn
 P0mYH6e3lRveAZhdKIbCHgGaKqIr7+SZDnLdCyKDrFSPC/lbAgMBAAGjgc0wgcow
 UQYDVR0RBEowSIYWc2lwOmt1bWlrb0BleGFtcGxlLm5ldIYVaW06a3VtaWtvQGV4
 YW1wbGUubmV0hhdwcmVzOmt1bWlrb0BleGFtcGxlLm5ldDAJBgNVHRMEAjAAMB0G
 A1UdDgQWBBQ02bNX/rnbbYoEy6wU7oyst63WbDAfBgNVHSMEGDAWgBSVRX5fK+pl
 mBKRBPNjx2iaWBZ3JzALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQG
 CCsGAQUFBwMUMA0GCSqGSIb3DQEBBQUAA4IBAQCTN2SNTLUcvgtVnBi3RBRtD0+p
 aiFPtWQ+YWbyCG/+NetesegCwi7xBOgSK+GxUWpTVuDW5smyTTZyvrMQhpkckcyO
 KvuUVz0/yK67oSume1vo75KY8BvgfeZXZG4PjqqelJ3czB0XLfeb6KFmtoiHQ/R7
 4i/O9+MhB3Zoeg5bm5f2g9ljYwRbD1Uav/aH9WeGEX992d9XJ/bpGGPrAdgmV3jo
 KDFKh8ys1yfmM3xVdU0qPtos2nlzGNaqoceeFZoYaMf8uTzoaan6KZkQDTiMDRpt
 YKxyS721re/840FwDvt67w+GIfFf7ISrAlkHwroYt0NMnLv610rka8qnVvaQ
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 45] RFC 6216 SIP Secure Call Flows April 2011

 Kumiko's private key for user certificate for example.net:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpAIBAAKCAQEAy+aHVXQN4BX/zLhiKmzGPCpe4O5FH3sVpKV206bcZcX9g/Ic

 1F/Pz1J9l13E2z9NfQ6gPjJDIl+DTRqQ2cnqCK3KrilFyu1EJUaCskOlWtdQ4ox0
 6nT01hSK0YW0VIT449FrxtQBT2EURvyGX0UHB/AMNcPF0qeteJtZmPV8C+S7hzYp
 gIIwAxzK0pNaG5h8LNLYVPZ1dLdVBtUgNZQN9iWV/NW6ig4N06tR6H7ClNxsKAWR
 udO5VRuW3FdgcgOR5whaRXg0w2BNt9fe1Ei4akbSKq8ca+uEhaPQ5z9JmB+nt5Ub
 3gGYXSiGwh4BmiqiK+/kmQ5y3Qsig6xUjwv5WwIDAQABAoIBAHCXmrGgRS0xWLBW
 PLbKm+iLSRsR14+bqwbg663SHTAB1Yzvu+W2Bo2oMnvMJrEe0o407l2J6bJoZZvF
 CKmKqrYiKaJkXgrBW/jtZ6xCWGPCNAL1pnX1IWG5tDIgj8SALOO4N7hyR0rrA4Rz
 W0vuVQSYFFX4BhvdxZesyRwCqn3x0pPSff95Ad+vuJd5CYuFZCuyGkszQ3fi+Nia
 Gqs01EuyolEv72rsw2E5+wtx3qXB8Z4HXr+Yq9NbE8lp2CWd1Uh1qIHl8kwWmnIG
 V3oLKiIowV+M6Zx/uzwAMF0Rdn5kET+b5DOlIksUAAa8LZsf95rOvkLgw7aZaj5e
 sXhAdGECgYEA8930YqU2+AcEkjC5hygw1M/X5k/IcvZp0a8/in2hJW7iZgGh0AFE
 jjxuoIVXbxSf9cZ+M6g76Svww9ecmovLArqbhFaLfbZCsrLeEAhQtGcu3wv7o6px
 N0EbbF5FmOK7qaQ1Sgqj0NF5zP2JsrxGNoRmgFFwVdcpP/3Jp/IlZEsCgYEA1guI
 /7I8h9og1dmTPzMpvpnANdRF/iuMX9AE4LNRp09Hjx0B7Vuat1ABtx09/ZN1hLhZ
 BTZ5R2R2RjbzSHXZ3FdoMgSx9Q3qa+xuPel4RcppHNjdYkPDhPLnOUwQBqFL6kyU
 nTEF+k6VIZvNsmGbB6wpHU1cjDAZUx71p6W49TECgYAMHpa7pExUDT076rH9tpCe
 sume544lsHtX0WbOAipVCuqzeRdKmBWJIBW7YoUS3yqH82JoPM8lamqfwQJmZ9Yh
 /5YlAIwUJk+wQ9VnZJJmNM6OhTDvVFQmE9VCEHlS/Mmox6FiWZ8EjLSJ7HvAZzzy
 Dqhtbh6wFW5WYM15zD3xewKBgQCRmIkY/QGFm0+Ih5ZMgB3eI7GGLB1sNe0nY1Ve
 Dzv0pc3UQHQGI7CLDuYLy91V9o8St17+V76JXIHDYy97U4bdBau/kkgGm++gd9PJ
 U11Xg8aaM73rUJLXhW7ZH68rA16jQnI4tpcNW5S/pr51n0UYI/hXkT7psPIZA08w
 OV8lkQKBgQDaGzCYC/6WumGJUerVCzZd/H6+E3ntZmtz273c8+wV89oRtZzUoJY4
 bVNrYFs9iKFxLtNGRECEU2VzDXHUAguqe05rbzPudAZ4wSsrNchUyw8LkIXHDckt
 pVLs0vhRK2gW/W2I+p2exSPQPt3Uy8tT6IsB9ZbNg/H4D160heHkuQ==
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 46] RFC 6216 SIP Secure Call Flows April 2011

 Domain certificate for example.com:
  1. —-BEGIN CERTIFICATE—–

MIID9DCCAtygAwIBAgIJAJajhBdO74pPMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxN1oYDzIxMTEwMTE0MTkzMjE3WjBbMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLmNvbTCCASIwDQYJ
 KoZIhvcNAQEBBQADggEPADCCAQoCggEBAN10BgIQwucEH7yMtiTnm5SjSDeFnm2D
 EoRQGo5IsfqGjKeAub5S7KbKY0eErfZ0hYIWfk42QAp0LCCpag5qfzXPcHFjfelD
 Z4FM6rUet0yjNQh7IQ0qcwdjnY11vx/UjuZnYHX36gp6bJCvkkXgYgWaihCY3HxU
 i+RhlTsE/BBQ74BFul6El3bBICXBkh2JCvdVYmT66GmiYkxn0wjZYbU9FlS2t0SN
 WSuQ1On7x32HWMMSrDN4AFC6BwWzuQEaY1Vs4XrsoweuOwKDoWngw9wtYemy47Nx
 yKbP2vs+mcflcbnJF9TtvKBHVAmMbm1TmizJaMZv8T2RGiRDd32RaUsCAwEAAaOB
 ozCBoDAnBgNVHREEIDAeggtleGFtcGxlLmNvbYYPc2lwOmV4YW1wbGUuY29tMAkG
 A1UdEwQCMAAwHQYDVR0OBBYEFMwGWVuLXtYN8gVNG2hUHvz5QxkXMB8GA1UdIwQY
 MBaAFJVFfl8r6mWYEpEE82PHaJpYFncnMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAU
 BggrBgEFBQcDAQYIKwYBBQUHAxQwDQYJKoZIhvcNAQEFBQADggEBAGqa0dsAS5CG
 sFPqbzAxiR6bCRS9b7kCqm9Y7jADuKH9s0Fy/7MNy3anF8ZXOAYT5fPkMBdN95e1
 83Tpgfj0VaMN9YI4w5hDUh+EzRq0o0WfPeIx/cuire1gffrSqkkvQamAAbvttnXJ
 l2l/DJFg8cRaNuhcrOGo55pV5eDNAfTek/Q4bMFx0v3NG10l65B7MUHnNw7lwAFI
 kfc03cYfdOY0NObNkw8/zpStkdnicrGfHdOlfV7ipFbFsXFNEApdplbmVx9IpVx1
 Z+qrNT72tvrB84rBgHEyGGwztfoWWhbhoWwZZ/VFaGRvsjHc41oastSHiZb9h7o4
 TgoZBwNLm7E=
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 47] RFC 6216 SIP Secure Call Flows April 2011

 Private key for domain certificate for example.com:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpQIBAAKCAQEA3XQGAhDC5wQfvIy2JOeblKNIN4WebYMShFAajkix+oaMp4C5

 vlLspspjR4St9nSFghZ+TjZACnQsIKlqDmp/Nc9wcWN96UNngUzqtR63TKM1CHsh
 DSpzB2OdjXW/H9SO5mdgdffqCnpskK+SReBiBZqKEJjcfFSL5GGVOwT8EFDvgEW6
 XoSXdsEgJcGSHYkK91ViZProaaJiTGfTCNlhtT0WVLa3RI1ZK5DU6fvHfYdYwxKs
 M3gAULoHBbO5ARpjVWzheuyjB647AoOhaeDD3C1h6bLjs3HIps/a+z6Zx+VxuckX
 1O28oEdUCYxubVOaLMloxm/xPZEaJEN3fZFpSwIDAQABAoIBAB9s231ni4Dk4OwM
 u7w48acCFLlsSLMZqoMEKwCN6FO4zDTo23LaqaJxje0UMuuKVXfEYWAP6r6RBcIM
 yHQLQMoOCdLNX4y+d+2tUJErLq+9aUUu093ebDxcMntkfh6yNyUS/mk/KQMbpFRT
 1dn8oWxSJc19I6yxArkB7/9UEcDut6vzdbz+agXpHZH4Tje5OWZQXkHzsYobM8Y8
 c2XwudP1zdQtvOrrOeirexxpOQf4CBQnBxoGmbae9Wf27Kw2bBm5+blZFgdqNxoh
 6Q3rJ9EDyWkrVMAq9a67a59wST1ymyC0c6FmfToCMGlgoMPHcEdvuNYPWd2322oK
 ZdfsawECgYEA+AewMiTdhAE+9TId2qilLQV+y8bdTHQ9rSqW9SF+q5ShOpZa79ER
 asuDuqxU+TiewS0ircrkIyzQmCc1fnfBJh5y6GukpUk8HdLLkA29fV3ZJe+Y4ZbL
 b4TEy/RxEECQREgtnQiaw08yOlT1dobNwxzVsi3mrhtOpfbPBERZUSsCgYEA5JG2
 aGRCkyzASGAnZmqqXCP/pImU+tJb2OCgQ6/3gsxi/l91LwtRhFgx/ptYCgZWlpbz
 +mpnDqexKtowldbjorrUADw84zG4u9d+uWOCXEpCVIEu4DZsRURdy3OzpK1vJaUm
 NLgBiDj8JkUFrXTi4Rzx1Xysf6ndWAxDPDdI+GECgYEAoyFrYY+dohSvs9UijY4e
 FV5n5t8E7iQF7L72SoOdLHy1DjOV2+VF71erbDusJ751q9hj1qp7Iid3ips/M87P
 2qJsMTGbOJrST0s1V6mx16LCD5Fmm/jyFIbeaMZ9FpNgT4ipd38RSyPrhTIbv7kp
 3Ao7AtXtwtVzBPUvcz8A/8ECgYEAw2ps2F13qdql3nsO1Ho3gqVoaGUUUUlOK2MI
 wjYM1/AkZrR4PKthm1PIEpT/tTpsBz2yBBO6XoYya5+10DWz0yoGHNljeR7GgRqh
 hqC0EHGQuizkRd9hu+rSgiI+oXmCQF4tBv+Wl7+YnKOAUidP3gTgIZUA6fjxe9io
 FzBxG6ECgYEAyAHvSeqqwmdotdpWgR3Fk1CmtH7ZPnF2rsuRBaBoYnWtU619ote+
 +Bmd4fBUB9tQOzUC9desRtoK3+wlJKHEPjm/0FxtQQi9ogHEn4e6P9jOwXJNkSsa
 GjGUfzQ3Vm2baeNMg7sH8C5mQ9nskDuCzdlVAB2bMp23oPl6cvPIb0E=
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 48] RFC 6216 SIP Secure Call Flows April 2011

 Domain certificate for example.net:
  1. —-BEGIN CERTIFICATE—–

MIID9DCCAtygAwIBAgIJAJajhBdO74pQMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxOFoYDzIxMTEwMTE0MTkzMjE4WjBbMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJ
 KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOwsdgPVSPMweLWsBDHUSXJS6Vk6pu6K
 sVg8IWMf1g0TWTPc5jUAQlWlLNtmN4gcSzq5z1ecvf3rLMomJPZaWbektTTg1KZl
 2wQgyP+vx/Hf1BByj3s2DE/KZoLnQjFQawHHMc+kCtSa6dCFTmD9nA5cYDVxNmKG
 Kz/+5HYxe6ByI6NZGNlSB8ADPULcFg6UchO06JvrGFt1n9tAtMf5C31+YYGpqXBl
 qZOV8Wo0Gp6Vlnd4LrvDZkwjpQ/o7EuFbiK34Gvh3cuh9EkMbk+IPgVv7ohjWPDl
 6WygTkE2VXHDhhdN4MXPKyenXX35sB52fNytN+2qM8bo4QPfTZlGrx0CAwEAAaOB
 ozCBoDAnBgNVHREEIDAeggtleGFtcGxlLm5ldIYPc2lwOmV4YW1wbGUubmV0MAkG
 A1UdEwQCMAAwHQYDVR0OBBYEFNiNYjKOu6f046JHy28GDRVMeR7sMB8GA1UdIwQY
 MBaAFJVFfl8r6mWYEpEE82PHaJpYFncnMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAU
 BggrBgEFBQcDAQYIKwYBBQUHAxQwDQYJKoZIhvcNAQEFBQADggEBAHUzR2H2IWrQ
 ls3iqNlG7815mOjm9mgQX6WP2ILwBOTOqtPJ9uE2XZU9qw6d9vdcbAgLpp4Em4T7
 Whcs0zVTrgKpWjDlho/boRS1gP2Qu9I86zJzf2R3mhTHUsbpxIwMCcHQg/fdIIeP
 5Ar8R5DZXx/Q9zdQLE+cjMSjxo7q7uOV8DRkgMpYtp7BURg5ZXhnkAhEHxa3/SbU
 YGfy3PzRoAMQmRZieAXArsIxEfkaC4Dtox/D4XLvY7njBFv8H6wqlvQyDsKXWlUH
 8dS9i/3wFEpQtymUUeXwk8gzf2ytT6hgrX70s6BLy/IeRU+wLJ3k5YZpopQZjDm1
 fNQG/O8TJlQ=
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 49] RFC 6216 SIP Secure Call Flows April 2011

 Private key for domain certificate for example.net:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEogIBAAKCAQEA7Cx2A9VI8zB4tawEMdRJclLpWTqm7oqxWDwhYx/WDRNZM9zm

 NQBCVaUs22Y3iBxLOrnPV5y9/essyiYk9lpZt6S1NODUpmXbBCDI/6/H8d/UEHKP
 ezYMT8pmgudCMVBrAccxz6QK1Jrp0IVOYP2cDlxgNXE2YoYrP/7kdjF7oHIjo1kY
 2VIHwAM9QtwWDpRyE7Tom+sYW3Wf20C0x/kLfX5hgampcGWpk5XxajQanpWWd3gu
 u8NmTCOlD+jsS4VuIrfga+Hdy6H0SQxuT4g+BW/uiGNY8OXpbKBOQTZVccOGF03g
 xc8rJ6ddffmwHnZ83K037aozxujhA99NmUavHQIDAQABAoIBABfBYR2BlpTfi0S6
 yLE6aSjWriILhD76NFxrr/AIg79M8uwEjCNIo2N5+ckXvv4x2l9N0U0+tt2Tii3L
 KGyfKecO6isncjxKgn0nzw/o3nO1z97Xpxb9mL9t3GHOYRoUvK6xGpGILo60BlCz
 F+8pk0jegc7eVFoUpMULHm/FCmpY30N5cvCHcAE/ncW49bZmH3gQ+cmr5UcKKDUY
 baJyLd8Q1f+uSmtrfYZzRT5c+4wmrBUjv3w9poMJuEo4slRaDnyeKJPSNR/6/LJk
 tqnqgNif9cj9wqF6hWA23dDmmU/kSRtn1KOz5XmV9Jbo4Fu64Fvn/m/hj5Og4CP9
 hZUWIQECgYEA+nV2pzspCfS7jSebVnvjChvqJ0nJAilSqCmrSQIT5PRmO+GQs6UT
 PVN4GE0Ms8TTJyvxVkpoagQ36VLw/Wr0jUm+Z+dv1TIlFWTas8RNmdZHMv0LvfEe
 Qu2fTI68l2d/L9GBMUCYa/sucX5E9q+3LC+Qo9jw8ehWjQZsWYER4dsCgYEA8WYX
 AqDdKjHRqu2h248gZsuogiZq05iuzXhk2VTQoiM92mu8m1Htak+eov3/3wojqxuw
 TAQbf/t8EfQ7LIGjaKqAua7mgG/aNB6MGGwdpBAPUZDL+DuKfbDbzTOL/IuaW0Fp
 40RC0Up5nTU9wzIKB7a6n5S5R0KXxiGUIphfcGcCgYA6IYdPmziUOfxJ79ZrBUgV
 8ZKwWbzQxpyLsVgzEsthSaRs45a9S2QiyLvIECIRm25S2i0ilRSU/rOncPvEJc3q
 +SG7Zgkb146p34WvUbGdMhHGcNsH0+3tJM/jagG1tmzbwWmV7+MwtNT7vI3vH6uJ
 EuUkUlbiHsXv53zAbWekHwKBgBy5HwfLCEXbA62o9NdhImPY28YQuClRQ4tjReyu
 MNz6AIQayahZiTxbGO8f9fAeDrxvYPzKiFMkI1EnlFrpWf48O3DcpMSninklIVpO
 kwBQgOIdrods3j+yaZTzCzcTjVxKXkUSfDjW+b2A9kZhj9v3HCGc2qbl/5Utraio
 JMMFAoGAHb+k+C4e8WrW+jXbbG/DgAkSokK5vZwZLHeWBig9bEi626xN/oFEQVXp
 zqwyNo6zQaofmS6anT6P2M7NClSGJxh27eBTiTLp1NCXlGTWAQEtXmYtvnAZNzXC
 5Ur0wvS5bLx0nbhJwN8ZBwzJhYup0kU3pn99GcF+vkj5Eg7Zftg=
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 50] RFC 6216 SIP Secure Call Flows April 2011

B.2. Certificates NOT Using EKU

 These certificates do not make use of the EKU specification described
 in [RFC5924].  Most existing certificates fall in this category.
 Fluffy's user certificate for example.com:
  1. —-BEGIN CERTIFICATE—–

MIID+jCCAuKgAwIBAgIJAJajhBdO74pRMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxOFoYDzIxMTEwMTE0MTkzMjE4WjBWMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MQ8wDQYDVQQDEwZmbHVmZnkwggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQC6VyOIP6UANXy766KHiYDxyOpYEFboLJv6SEtw
 UWQoZS3hQurFidOu4gkCspblzaMoty7lnUexbFxUKdbJOWGMcB2hrezJ+6rwJPK/
 bF5YDijVtVqMRd5lv/Ni5yzteHfrMszWnz3t+ojgak4XTjBJmP2RO0T67GUpEbFV
 sDeYtWi+G1ebDAR6bf6Jdba2K6DnmkxT5Rr6oYJHIApYbubk28asBQN6EGBBgPEO
 RReJYrjoJR/rBDDe1bxK+ONdFXPlwjI/TRPMpvUYraWgTjJ18tXISgF1htaa/Y1K
 YP79Yun2Nl/3UQcPIc/C6CXBs3yAUK3qQO1G6C5pXH9KMMlNAgMBAAGjga4wgasw
 UQYDVR0RBEowSIYWc2lwOmZsdWZmeUBleGFtcGxlLmNvbYYVaW06Zmx1ZmZ5QGV4
 YW1wbGUuY29thhdwcmVzOmZsdWZmeUBleGFtcGxlLmNvbTAJBgNVHRMEAjAAMB0G
 A1UdDgQWBBT7CTXlQ5GKWvxGZNY24mmmVuEnRDAfBgNVHSMEGDAWgBSVRX5fK+pl
 mBKRBPNjx2iaWBZ3JzALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKL9
 wUWGRhCQdhjzY4bx0R5Kwz+NHvsb8rjlPqfdcbNujBCw+rD+/uux0G3HwW+Mraj5
 U2tUehwz87k6SgdqADzL/CP2mjzCJo5uDhi+tzjeg6ZklTSZYQrL3FSv/AgcUfFI
 9HuCGkix/htaoEMy2zNZnZOjdtFME9w7wb3GxxqWTUzl9TToloCXYmLeQo/jwuad
 40ybun1P5CWkO5Md2Y5zuNfCsRRz5lLYtAVfANtLBfeFV+S87AwrrdeITT+iyB7H
 Jj+t24U4IMC8MttcHBlPPBuRVc2kmhNEQuTzelCsldXgY2+kn8ItnLdv1mvLpXA2
 2Y41CPLCSj9AlqqZL9I=
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 51] RFC 6216 SIP Secure Call Flows April 2011

 Fluffy's private key for user certificate for example.com:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEogIBAAKCAQEAulcjiD+lADV8u+uih4mA8cjqWBBW6Cyb+khLcFFkKGUt4ULq

 xYnTruIJArKW5c2jKLcu5Z1HsWxcVCnWyTlhjHAdoa3syfuq8CTyv2xeWA4o1bVa
 jEXeZb/zYucs7Xh36zLM1p897fqI4GpOF04wSZj9kTtE+uxlKRGxVbA3mLVovhtX
 mwwEem3+iXW2tiug55pMU+Ua+qGCRyAKWG7m5NvGrAUDehBgQYDxDkUXiWK46CUf
 6wQw3tW8SvjjXRVz5cIyP00TzKb1GK2loE4ydfLVyEoBdYbWmv2NSmD+/WLp9jZf
 91EHDyHPwuglwbN8gFCt6kDtRuguaVx/SjDJTQIDAQABAoIBABtIBLi+8K5eJlvw
 /MOxOwKrMrwf8ElftppnGTxhfjN31MbFIFA5hJd3GnCdqwAMIlYks6YEZ+mu/rmH
 wp2FXCXOiFgSebd8tCMilbO27v0fXZUkTxR4aj4lY0HYrLg7yfrSXjER8WQ1KPMK
 PVKmLOWpk34+2jOOhqUDpR3xhcJClQ81fC1hKe2JoixNDoPdfM3azTq8QUPLQD2I
 mjww1IH1677G5o/6qMloOM0Feqv/3cUWiRmvPv4eyGHdNtuFXKFpB4DQQMQL7TD8
 FoOHBymHIOzSSF+gYgBFOb0YNgu2CqZrfED9cf0rRotrbXf6tM+akclxfHhkfKaa
 JPZosbUCgYEA4MaetKsa7azhEYMc4TK0xhhV5Hi6lj1xR/6h++uYF0OIOBjM9yU3
 5n6vLpyghNbW2bK08OIWPO0F4syvyKYR2elmUDraH29DKAtRLEkU9K82RG4AmXmk
 G6ZsWOfx6Jf35OnAKVj/7aN9jc4K1v6EFyQGYEXbp4I0fhFfbJBAe28CgYEA1Dmx
 iKJD+jWW9ypHk51YJ3r+a5qPPNVmjGKQQje3Y6+rSlxmW0hMwXoCBOYRwhHBRA//
 SxH93PZ8rECjNkhxp6Ao87X2Gcol5U6kH+rwfd/3+SsHqPrugaDIwNlgkcu8VRrP
 8uP2CgJoDBi5UY2UR97GVK98x8k2Sf6kDT32mQMCgYB/KH3R8VY7jOiKcqTc1UWl
 J1E3/gB4S+wQ8YELth0FVCP0sDsLuZdlItfRw7OfUraa01k/SHeSIfiJdIghN6mz
 oDFMQ+7vh47zUWurZPCg95n4nk5ihIkNR1nV9elJTudjLcWS3pFyC2JU3XIObE+n
 k66zufFoUuWFSCi2juibqwKBgCT6RHe1JjkDe2FniX8r7D88y/W9wXVtDWgqiE4x
 XQ/OfP8A6IjBKTaQ5qcp2zBAXbdZPjc7VEta21A8FvQPXVZCrsAAFXha4413zVsO
 WYblLlTI7ZXA2yvU8wW/Gnds00zU1iTRGX6W+sAY0rll/M8k/tOknA5HfeEYsEbq
 Y/w3AoGASjoC9Fjy2aBvH8SQaimn/Rx3hOFR4myOGWtHxrXmezoO2YdcMO1d8rlz
 A/sQRvVofHRwyoaIkZkALprEGyxEqCdMmEs1h9xYAcxfW23RfqC39DYb9RTrRkwa
 ArJmcEdRESOsIYhhXGfE1QMGiwj1UXMWeYcLtqQKWiLLDTYYfQE=
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 52] RFC 6216 SIP Secure Call Flows April 2011

 Kumiko's user certificate for example.net:
  1. —-BEGIN CERTIFICATE—–

MIID+jCCAuKgAwIBAgIJAJajhBdO74pSMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxOFoYDzIxMTEwMTE0MTkzMjE4WjBWMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MQ8wDQYDVQQDEwZrdW1pa28wggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQDE/QVN7nxDDu5ov6b0cmHIFH93KhNbTEyCisir
 i4OeUBiCv9dgRgPBXffrIIVQdIlCoDeLDusHdsC9EfFWvg+pRlKVEDgwccO0F5AV
 bq3MK2Njma5I0lwpIa0RXYQ0K//oX/+jZeakhFty/R9yer0KaXWdLRd6KtncISui
 z9rFhlTB9lHg6vNJUN9+Xonbcs7siXbj3qZdhb7oipI4PoQlXVetyu+SzAVe6MsU
 5lwLmpQpIzQdSsJyxaAsW+AsyxunhWWiPZ888UM4vXjacZuj8GvJ8w2XjgJilQvV
 s8ojWMKnAGLaR7grTBmGQ90e6+cg7hWuoGBlQA0R0h8zWQz5AgMBAAGjga4wgasw
 UQYDVR0RBEowSIYWc2lwOmt1bWlrb0BleGFtcGxlLm5ldIYVaW06a3VtaWtvQGV4
 YW1wbGUubmV0hhdwcmVzOmt1bWlrb0BleGFtcGxlLm5ldDAJBgNVHRMEAjAAMB0G
 A1UdDgQWBBR6WwH61Ul7BIWeiKM35fMAiE9xazAfBgNVHSMEGDAWgBSVRX5fK+pl
 mBKRBPNjx2iaWBZ3JzALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKE8
 y9YyoZlkFw4WxPalK087sSEveKBfzh4TuYQf5YcSIPw0coZGj/gNxn1juiYhE93G
 F+Si/hJM0M6cc7SLB5Spq06Tt3PyPBIOZOWk9koh92kDI3axSr6II9Plsvp+Xsrl
 bz5Zy8njy/YZrk/qOaHqQ5J6nPNp5qwF+ns2t+5Zl88Lli5nkBgOXFOuE0RIkcdF
 CUFRUj026GxAILR6wUThOzfq55Azwl5Y9Y9QmEjFhkbYLls00HxcJdnt+6Sdm/vN
 MeMJZdTzp1x+8pfPhJgHoyz7nkAxhgzC9RT33ra33BNkMQ6esRlQONJ+ZRsRLhHP
 O7+kvXvmj9AAsA291wY=
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 53] RFC 6216 SIP Secure Call Flows April 2011

 Kumiko's private key for user certificate for example.net:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpAIBAAKCAQEAxP0FTe58Qw7uaL+m9HJhyBR/dyoTW0xMgorIq4uDnlAYgr/X

 YEYDwV336yCFUHSJQqA3iw7rB3bAvRHxVr4PqUZSlRA4MHHDtBeQFW6tzCtjY5mu
 SNJcKSGtEV2ENCv/6F//o2XmpIRbcv0fcnq9Cml1nS0XeirZ3CEros/axYZUwfZR
 4OrzSVDffl6J23LO7Il2496mXYW+6IqSOD6EJV1XrcrvkswFXujLFOZcC5qUKSM0
 HUrCcsWgLFvgLMsbp4Vloj2fPPFDOL142nGbo/BryfMNl44CYpUL1bPKI1jCpwBi
 2ke4K0wZhkPdHuvnIO4VrqBgZUANEdIfM1kM+QIDAQABAoIBADuLR+kwp3sVrlcX
 Z34IfSofmBALNeKpA4+KJ/JCr7xQ9bfACXhecZAnuWLnZ6TUNRFgoKl2DvEookYE
 gHD57n36dcf9KR7rpH5xiOoRlJNcoiRfNeFpRNZiCZBwNiAXFLnHGtznVnpwT7xI
 axMNqsrU6epi0O/quAPkOu5x6e0+j+j3ZauI4EfD1w2R6moBMUtATauZEEyLuC9A
 6bFz2AFDchPVLwSjNMu0tAJc8Fss8xKls9HUXGS22eUfHxWfkCGwChuW60obGmas
 E7GS7h4g9QvvQ4hGSVy9/MmQ88GmT0LynOyzFBCpuwjOQTHwsD674ldMSL4kXYVK
 jcnTAkkCgYEA4bjN2ILis3uWTjvTNnrmWn1QoZBZDhg1LuNs5o1XtOJ7CdkckUvs
 nqqQYOzNk/9N8vUs12ds3csXHypuuGrJwAVf648RSPDUUQ2XOoPSL9NeuZt5V1fT
 1VyVWanKCBZ5sztISNVPt7Pu8DtGLHch4S/7M+gEUQB1Ogz7fyJHvFsCgYEA32mE
 6lN67aHkqMLa06ZI9JIk/3SsFIPpjwZ4tk+sQCqEzawPvkT7qF2+U8lVt0XXKJZL
 aexsopsULCGS86TEAPoYtjjk91p6ZZj8mgRZLU55g+gRdTpAFhXMgIctU7U6cDIw
 SPa6UxJp9XCa/Gf6YLfas9VBhc/8OC7I4ygjLDsCgYEAgAG7yuM/CSY3MRrARw8f
 f4W9qkIgHtwfnP2gjobtjEk8GXOkvcle4QQ9aJoiY6HPZM8hpO6kUIuSCzyXGcKF
 s33Yzc+Or9zTqzuX3blQA4tNFtlS0POf0En28KhXSIrmbXxbG+LMmJNUF6yluSW+
 cuQxA1i6ye0Gjes63Phl0i0CgYEAuEcILGQpTGMyAYWgC93n5Vu6ir+IxO89sgyL
 ew1irhakLiWTYsTxsyGHwQKb4i0IWOEHWVp7DPDPhcs3tCIezhN8WKm7KtAFj1HO
 YZfemsFU99lutPwUKmNWqFlXqOkeR7cOHtDsRWM15Q45uKJnYmmkSptHjYFNsGXe
 q4fK40sCgYBoAYtsLfMlqt7s3htx4hZSMFbLP/iMGW2DMMAzDW+Xxsvw86ibrcWY
 8c3hbohuJBpyAzba4QoR2G+gtRmodLca+tQFMrObETHFglNCY+WoHRSNRImbCS8w
 dsszPgHWf1nrxBLBiDFlHZwSqbZtLyBjPlHJ+fTiPNo6UTx8aDQ4Pw==
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 54] RFC 6216 SIP Secure Call Flows April 2011

 Domain certificate for example.com:
  1. —-BEGIN CERTIFICATE—–

MIID1TCCAr2gAwIBAgIJAJajhBdO74pTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxOVoYDzIxMTEwMTE0MTkzMjE5WjBbMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLmNvbTCCASIwDQYJ
 KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEVuYyZlaqfqks9u9yWQRp9WfI+VsQg
 GpJH3vAfastElCdxlBV7+R2CaQ/GnXDnE0lAC5SiKRcvPHq5OLx1VnDADMWmcXBv
 wK5n1zN+7MUCy/MISMr7E2Nd+py8Ft3XhjWDIuUljAh4HDO4fxS/BFy8zozADxvP
 OfpE40EABF5aj7e+xjtkErdkMybAcSYyo53IHP3wDPxmMzCsOw/fi8bfy9j1GiUD
 uz01F9qT/Opz9K1snxgT1IK6GRlktG4JawSiohW1QbARfj9//hR7ZgeB0gO6LLGX
 cGXdl87JdA4ZHMZNinN4Cv8ctZYSQZ3dbt1pRRbGtq7elPskiinDuUkCAwEAAaOB
 hDCBgTAnBgNVHREEIDAeggtleGFtcGxlLmNvbYYPc2lwOmV4YW1wbGUuY29tMAkG
 A1UdEwQCMAAwHQYDVR0OBBYEFFNu6jHPsItA+vy/Jqv81MW7wLJpMB8GA1UdIwQY
 MBaAFJVFfl8r6mWYEpEE82PHaJpYFncnMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0B
 AQUFAAOCAQEANH+wX56VJd0vVB9+Mef1xItWrSQUyNYZZCBq+y/5vIoOp6Chaupn
 xjTjWf50zg6CK8yKBWq8pGlG45GTUx+uCx+nVIbHpyTT5+YDDUzlIhhAUzIOOB33
 Fd/XI/1PK5p5ftuJIYXU0rGuaoH8ud/p2nhIf9mwicUHxViTX3PUwlFC7eMbevBo
 8/dMYnHb2i40ug6hsiYggsmQDbhHLVLo/yqkpvgzPLSSlkXS4sv2oIoJ/ISuSjhP
 QkQ7mh7h01ct/LOa53qWfbCVogQDhMEqPTVdPm+JzTrMlWeZdrk4KbnXGp64Jtpu
 xTVI4GcVAGWUT0cmpspDmHbPOKm5kcltkg==
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 55] RFC 6216 SIP Secure Call Flows April 2011

 Private key for domain certificate for example.com:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpAIBAAKCAQEAoRW5jJmVqp+qSz273JZBGn1Z8j5WxCAakkfe8B9qy0SUJ3GU

 FXv5HYJpD8adcOcTSUALlKIpFy88erk4vHVWcMAMxaZxcG/ArmfXM37sxQLL8whI
 yvsTY136nLwW3deGNYMi5SWMCHgcM7h/FL8EXLzOjMAPG885+kTjQQAEXlqPt77G
 O2QSt2QzJsBxJjKjncgc/fAM/GYzMKw7D9+Lxt/L2PUaJQO7PTUX2pP86nP0rWyf
 GBPUgroZGWS0bglrBKKiFbVBsBF+P3/+FHtmB4HSA7ossZdwZd2Xzsl0Dhkcxk2K
 c3gK/xy1lhJBnd1u3WlFFsa2rt6U+ySKKcO5SQIDAQABAoIBABI9gIZAOedZLxJY
 Cja/ON4EBbRdhLuumvOnecIc/J3JxTD2Nnt8T0gdJUJpDhjjwZZQzz7kYdzDN4j6
 Akeszb30sT2MTFob/WiCT6cAH1VrrKZ3cK6zYY2l7aPj1H8IUaUrlT73UnT/DMp6
 gMFbo+XQZ18evFc8zubc+BK7KsN4Nb6/zMhw+PXEiyg2EGDN1Fo4TMhxPD4wBIMU
 8oLlE8A6GKimxAk3gMuIiS6Ruau2HpGkjkkHkAx/yzU1s8BCMoLDJjyyH19PRISr
 n0VFfe0gM0aZpdZ/94ynFPdMnBXTq8BabT09eiycuLKlL0g/ERmj6jIImGSYRWED
 GzlzX0UCgYEA0FDUek2uLhyltXwlzhDTldyuItiYZq/MeXaq2eA96zhJlD6aX+55
 PQIxEEfhgTNf4e4cKjXQSD7aixy7jp/kFGowFRlB4pwbLDuhlniYSxa8Kv0OpJM4
 DTAGue4QFZId5Z43KH755Ub7tjrCEIdQnij44DA3gPnjqXk973pdyVcCgYEAxfUx
 /zMXgTp7HxW+QHZD7xXEs4Fp1xjzL5BaHoJnM7WbmkWvUvcMaEE/i9RqpyGlXRiN
 jX6KBZ9UVgh/B0/AcYMa3DImTa0+Uie9kN7jTi5pzvIUAdFh+RyQ4tULWr5cgrzv
 PjGG9tXMthuIbILSumVEwvC+P6Ksi1r4xp1ezl8CgYEArF51sk2clqM1qpnzXjMm
 IJbdsA+w6ycD9m1uqaGXGo8UswmqCz70KrspheM0gQfVisjPnU2x7lWz1/AKcdVz
 kEDdUFf54FxzT4J4Dl3zBg7l3FxQRXVbp+3ZYvfNb0vcWSc1VNjcRg8aMIsmES8m
 UfhtFnRPOPWMn6qmyQVjnTkCgYB/3zlinkBKq9ooZEU3Iq4TXL5pLemOloFQcjCk
 kJvVnTRcXTM5pngPSEaiLp6OQ3+sOVYG1nyV0SwLPwW/VVb8fDH3lzWC66vcKeuc
 Dz5JnFWg5mLiIbzly/wTaochIOJlWWI5jIigHc9Uu0hOv9sbqJrYSea6+Hv4sNUO
 h01chQKBgQCKLEH7vWQX8fkw+yKnmvAFoZ5H3IHUQw/WYsoCOVnWoY+vowcuuTTt
 cbW1VkrtEjJPuYeEPa5NI2kmsNUZGrKCpx/3uq2JfMVopJzJN9biFM4ulcKqf9ie
 hiVIFVVmxq+dVmXBgXCknhYK1Mnt9b3BK6mDqerQjK1TKryqAJ2QpQ==
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 56] RFC 6216 SIP Secure Call Flows April 2011

 Domain certificate for example.net:
  1. —-BEGIN CERTIFICATE—–

MIID1TCCAr2gAwIBAgIJAJajhBdO74pUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzE5MzIxOVoYDzIxMTEwMTE0MTkzMjE5WjBbMQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MRQwEgYDVQQDEwtleGFtcGxlLm5ldDCCASIwDQYJ
 KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoWx8g1KbnGX2YEOXrbod2pbR0fpkYW
 V7O/tIWHddl+ACLlqqNPKSmIqwAFbZ2uf7S95OkXhkgRJGw3BugftUJS7zDhqVqi
 dgPLMUPrdzpFazeh/AwBjc0wNBz/6tkUXrm7y/FwwzaCoKw+8Qm4Ibn2E3bNqWlm
 iyKOXnYt4LGmy6J5e64hfQ3Vqe0ze5cfLKcpBbjF/TF75utbnH25zE0C/o1b+x1f
 dwyDjsH0NN+A1ZFrI2NdleVAuH6F2vx4ctwZUzUJXyXezFmw5SRzhtWkb0iHO0ER
 Ne7hCHLCv2Z6/GfIuHirCsGtNKSQIC6k74MyD7D75nltnLVgJ7Oxt28CAwEAAaOB
 hDCBgTAnBgNVHREEIDAeggtleGFtcGxlLm5ldIYPc2lwOmV4YW1wbGUubmV0MAkG
 A1UdEwQCMAAwHQYDVR0OBBYEFC1TKpLjuKa/dPumVbeFXEW4UR6EMB8GA1UdIwQY
 MBaAFJVFfl8r6mWYEpEE82PHaJpYFncnMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0B
 AQUFAAOCAQEAJry8LukecUv4DUs5u/s6IymyqDLpeNvm94yrIIk/eRW72Jtr9rf5
 6zF0Pd/+NzDXRYPe99HQgF3EKYndKIfnRUStJzIqiba2UszypDVRTQ6W9cH9e/1q
 FdCjjeoVkRvnGo91S8DkgWM4boNRUgZtYwP+1I8hR+0717tp0f4fKjYX+NxPe30r
 WzbLYXFDEiPndEgcxHc84Eeupit7VBQm7jxtF+XbaVGiLPGKCiYqdVS08h2ZakRK
 8T3xL8Ecs4/rQn7PNPyEfS52R8hC70r66aAxZqLbKNpth/SZ3/hdeAyJ/NnFMW1J
 uq3kB5YAJSwMYAUXaQhB1BvxKzXqstzJHQ==
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 57] RFC 6216 SIP Secure Call Flows April 2011

 Private key for domain certificate for example.net:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEowIBAAKCAQEAqhbHyDUpucZfZgQ5etuh3altHR+mRhZXs7+0hYd12X4AIuWq

 o08pKYirAAVtna5/tL3k6ReGSBEkbDcG6B+1QlLvMOGpWqJ2A8sxQ+t3OkVrN6H8
 DAGNzTA0HP/q2RReubvL8XDDNoKgrD7xCbghufYTds2paWaLIo5edi3gsabLonl7
 riF9DdWp7TN7lx8spykFuMX9MXvm61ucfbnMTQL+jVv7HV93DIOOwfQ034DVkWsj
 Y12V5UC4foXa/Hhy3BlTNQlfJd7MWbDlJHOG1aRvSIc7QRE17uEIcsK/Znr8Z8i4
 eKsKwa00pJAgLqTvgzIPsPvmeW2ctWAns7G3bwIDAQABAoIBAHIjpV+B5YVITL59
 +UCr4JyKVLGlioQf/CygafjtZTVVa6v/aRn8Rkgb8XyrJ9sXvZVBlTqiUbdM4Z9I
 8faVSKLAWsj3thkfSojTMzU77x+IdCG6LxSzekAGqAIJ7sRL+iEzl/Fm1WlgEYhl
 GIWILgHH01n3O0eCy72dwmAV+2Hazn8eBggkWxMp0fblRC9pVh0FCo+jy1lHasjL
 oOBkH51lbmZ4PUuUY072j2665gPm7i0nr25igef842JkbqAV8rAoNlQ26Y7tYLEw
 6QyLv0odeb0rHZ8IEzahWAdmIPGCIUcFM7RmyInOatGA0dVEU3uYnkUQQVOi/JTx
 46CCMbECgYEA4c1Dv/IVz9pdW1o/0MaJ94zfeg7Pgn5DRXnNMjCsSxVHSMINwlUl
 BcYozs77vWbIuXiXO2xQe9mGA2ss3+vNxB0eu6EBQ/fK16cQQQH52nXdrV1sqnkN
 5B5elFKcZKPfNVWrg0BC6csDndTcHp9STIKsxWkesLzC3Vz5UXZMsocCgYEAwNYV
 +SsCIQGLT8ZZfKyE2nHqRUFknKc/tWQJop5gnE4ws3Lql3SNyCUQr/sDYelxQDE3
 6COm197JcZ7jggDq7grigIxMznRxLMeG7bb7FfwPE/SKV0H5uagEB7ktFl8xIJKt
 yOCK1ulillQjToSs4uetHLRXKCDSEpRiSw7wRdkCgYEAkDKBXYa/nykYDUqpDi57
 1PbFkDD9G5x+YVPTUoX6wUgpabFjEANHzVQqo0dTRDTrYmY8Tdpx22WiS3SaB7WS
 hfcCtVewczM++lDZ9GnKoVQ76IaM6qC72j36sEXBUhPEa072ZK8ZDCx1dsmEeJnN
 +MZKhxcGXl9tIehJ31foyukCgYB9AUs1PwAeTVX13OrduyhUQ0xOoNmMA491Euh8
 FpciPD2t1mzkyZWvjPeIXPwQWLglmMJZJeNeRPnpQcrR165zqXKzSj/wBePn12BM
 cTXLRp6vnPKhJg+wno4eQ5hKzGKYbv1hHs5iCuDx+pD4sWExpmW+Gdn2FXCYwsAF
 UCXJ4QKBgAKSrm8Y5xQhd8RAMg9JZLGUpPnmTKNU98f3fUFnX7jZEZETasnn18vd
 65x04h58cohJJkNxqeL6k3lc3Mw0pzZrvsIha3ZMEoJPCgwBa8zLzrR13YQin6yf
 +bAmfTDmhigpORB36ODY4B1kcwxKzQ0n3XAtlrL7NRV5wHr2ejkY
 -----END RSA PRIVATE KEY-----

B.3. Certificate Chaining with a Non-Root CA

 Following is a certificate for a non-root CA in example.net.  The
 certificate was signed by the root CA shown in Section 2.1.  As
 indicated in Sections 4.2.1.9 and 4.2.1.3 [RFC5280], "cA" is set in
 Basic Constraints, and "keyCertSign" is set in Key Usage.  This
 identifies the certificate holder as a signing authority.
 Version: 3 (0x2)
 Serial Number:
     96:a3:84:17:4e:ef:8a:52
 Signature Algorithm: sha1WithRSAEncryption
 Issuer: C=US, ST=California, L=San Jose, O=sipit,
          OU=Sipit Test Certificate Authority
 Validity
     Not Before: Feb  7 20:21:13 2011 GMT
     Not After : Jan 14 20:21:13 2111 GMT
 Subject: C=US, ST=California, L=San Jose, O=sipit,

Jennings, et al. Informational [Page 58] RFC 6216 SIP Secure Call Flows April 2011

          OU=Test CA for example.net, CN=example.net
 Subject Public Key Info:
     Public Key Algorithm: rsaEncryption
     RSA Public Key: (2048 bit)
         Modulus (2048 bit):
             00:d4:46:65:51:f8:84:1c:b5:93:47:a5:15:14:06:
             ec:dc:2a:77:93:11:5e:75:14:d2:88:54:bd:16:50:
             dd:41:3f:7e:2a:e4:26:d5:a3:33:b0:5e:37:1d:e5:
             96:37:1c:1c:69:80:a4:ef:fd:22:78:d7:ce:d3:c3:
             de:96:fb:87:30:88:bc:06:14:80:5d:f3:ab:d7:64:
             3e:07:31:dc:97:c5:d6:19:26:bc:7d:0b:f8:de:5e:
             f9:0f:dc:9a:45:0f:28:8d:dd:fa:15:56:d5:35:17:
             28:80:d2:fc:1f:d6:95:95:42:0e:2c:47:38:53:ad:
             fd:0e:24:fd:a3:43:33:83:52:65:54:da:48:d8:dc:
             86:42:d5:26:ac:1d:52:54:08:52:e5:3f:4a:76:95:
             77:8d:c6:f2:33:f0:18:87:c8:fc:5b:54:5d:dd:65:
             f1:5c:f5:c8:f4:36:54:8a:b6:7b:6f:f8:55:f8:d8:
             d8:df:a9:7b:40:45:4c:92:0f:aa:b2:2c:a1:a8:64:
             d5:99:22:1e:28:78:a0:d8:e5:51:64:3f:03:14:a9:
             12:47:61:84:d6:b0:69:1a:6b:a3:6e:d8:ca:ce:43:
             50:ad:57:96:2b:87:15:d9:c2:11:03:b0:82:d4:f0:
             80:bf:dd:44:f4:f6:39:0a:2b:e3:4d:d3:f5:e7:aa:
             34:e5
         Exponent: 65537 (0x10001)
 X509v3 extensions:
     X509v3 Basic Constraints:
         CA:TRUE
     X509v3 Subject Key Identifier:
         72:70:CF:66:1E:23:A5:38:FC:6F:40:8F:86:8A:AF:E0:B9:6F:E9:C3
     X509v3 Authority Key Identifier:
         95:45:7E:5F:2B:EA:65:98:12:91:04:F3:63:C7:68:9A:58:16:77:27
     X509v3 Key Usage:
         Certificate Sign
     Signature Algorithm: sha1WithRSAEncryption
 70:73:c0:65:9c:2f:09:39:39:d6:a4:5b:95:e7:7b:43:34:b5:
 b9:b2:5d:76:eb:ef:87:e0:25:b6:68:ab:ee:f8:f7:85:c4:21:
 47:bb:6c:68:62:ff:f8:84:1e:44:5a:30:4e:ce:97:91:cc:3d:
 43:4a:8b:b7:25:26:08:63:c6:71:4a:c1:94:35:81:66:de:23:
 9d:e3:37:de:31:80:ed:58:b7:07:a7:ea:87:d3:cc:da:1b:62:
 c9:82:c2:17:e6:2d:20:e4:b2:69:14:cb:05:43:34:6f:b5:2c:
 60:d8:44:43:f9:e6:e9:3d:7c:54:a2:b9:d9:1e:7d:67:bb:3f:
 32:31:0d:c1:88:78:a8:67:39:f5:d2:3e:08:f7:38:84:a6:8f:
 c2:3e:00:ce:5f:b4:c8:da:a1:b5:2f:c2:89:60:a4:3a:2b:be:
 98:e0:44:34:af:ec:7f:73:26:f1:94:5b:39:09:b9:9f:93:c2:
 9d:7a:96:2f:82:66:c8:4d:f6:db:87:00:8e:bc:2a:b9:51:73:
 6c:cc:ff:e5:31:25:b1:4a:d0:9a:a9:c3:65:35:21:89:76:3d:
 39:f8:84:42:a6:03:0e:b5:c9:2f:5d:18:bc:9d:b9:82:f6:83:

Jennings, et al. Informational [Page 59] RFC 6216 SIP Secure Call Flows April 2011

 dd:2b:29:6c:8d:2c:8c:47:d4:7d:be:de:32:13:85:92:32:bc:
 61:62:6b:e5
 Robert's certificate was signed by the non-root CA in example.net:
 Version: 3 (0x2)
 Serial Number:
     96:a3:84:17:4e:ef:8a:53
 Signature Algorithm: sha1WithRSAEncryption
 Issuer: C=US, ST=California, L=San Jose, O=sipit,
          OU=Test CA for example.net,
          CN=example.net
 Validity
     Not Before: Feb  7 20:21:13 2011 GMT
     Not After : Jan 14 20:21:13 2111 GMT
 Subject: C=US, ST=California, L=San Jose, O=sipit, CN=robert
 Subject Public Key Info:
     Public Key Algorithm: rsaEncryption
     RSA Public Key: (2048 bit)
         Modulus (2048 bit):
             00:d3:dc:14:69:6b:71:09:2c:0b:0f:9d:95:08:c1:
             64:20:66:ef:9f:9c:30:06:30:39:eb:14:16:da:19:
             cc:41:4d:b1:cf:f8:53:5b:a5:0d:76:ec:97:ba:16:
             10:9f:ed:57:b5:fb:6d:4b:9f:8f:d0:9f:0e:15:a7:
             3e:88:c4:e4:ef:35:d1:63:91:20:68:18:f4:8e:3b:
             b4:0f:03:3e:a0:00:d6:c3:26:e7:57:8e:21:92:a3:
             7a:2d:21:44:48:db:01:b9:54:e8:dc:d6:e3:d1:b3:
             f2:4b:26:0f:3f:d4:99:63:e4:7e:14:0a:b2:73:1c:
             5f:3b:41:36:e9:9a:70:be:f7:4f:08:6b:4a:db:44:
             02:e8:bb:50:66:2c:98:94:45:9e:7e:01:0e:9d:c3:
             a9:03:b7:28:15:28:c3:cd:a2:ad:ab:07:f6:ff:69:
             f4:ec:ba:7f:4b:bd:9b:28:8c:0d:87:e2:66:d1:24:
             34:e5:77:be:89:f1:c9:76:4c:37:34:3a:bc:d9:9c:
             36:f5:28:60:01:29:5c:f4:1e:7a:15:19:34:81:1c:
             cf:1a:06:5c:0f:f9:81:67:dc:50:09:e2:a8:d7:9d:
             9f:35:6e:ff:a6:a8:80:74:6c:f8:a1:0a:f3:bb:2b:
             b6:51:8c:21:bc:06:72:59:d0:95:42:d3:02:2c:ce:
             f9:23
         Exponent: 65537 (0x10001)
 X509v3 extensions:
     X509v3 Subject Alternative Name:
         URI:sip:robert@example.net, URI:im:robert@example.net,
            URI:pres:robert@example.net
     X509v3 Basic Constraints:
         CA:FALSE
     X509v3 Subject Key Identifier:
         A6:42:BD:62:0D:6B:BF:EE:67:D4:C7:BC:09:3F:0B:3A:12:AB:19:CE
     X509v3 Authority Key Identifier:

Jennings, et al. Informational [Page 60] RFC 6216 SIP Secure Call Flows April 2011

         72:70:CF:66:1E:23:A5:38:FC:6F:40:8F:86:8A:AF:E0:B9:6F:E9:C3
     X509v3 Key Usage:
         Digital Signature, Non Repudiation, Key Encipherment
     X509v3 Extended Key Usage:
         E-mail Protection, 1.3.6.1.5.5.7.3.20
     Signature Algorithm: sha1WithRSAEncryption
 25:99:ea:1a:1e:96:6d:4e:b1:9c:5a:43:77:ea:3a:a7:a1:b7:
 22:db:b9:d4:9a:1e:17:f7:13:2e:b2:ca:80:dd:c9:a5:db:61:
 41:c6:8b:65:ae:0e:fc:9a:46:77:16:e0:e2:3d:1d:20:3c:e5:
 d5:e0:b8:03:41:4f:e7:69:bf:e0:4c:dd:cc:c4:51:b1:da:2f:
 ad:58:e1:ed:c6:5b:04:ea:1e:af:9a:89:cd:be:60:3c:9a:30:
 51:7f:99:5a:6b:5c:8f:5a:d4:b8:ce:b5:8b:31:74:70:b3:cc:
 5c:04:90:d8:8d:b6:75:55:fb:c1:d8:e8:db:cf:3d:80:e4:8d:
 2f:7e:b9:2b:a2:9e:9f:1e:6f:d0:4e:6e:f7:f0:a6:61:3b:9e:
 9b:4b:78:6b:84:37:ad:93:19:0d:7f:46:5a:18:74:89:8b:a8:
 1a:75:bf:db:df:25:43:4b:57:ab:a1:19:2e:7c:7b:b9:b5:50:
 ef:2c:1f:5c:18:8f:6c:66:83:61:eb:25:a3:21:81:2c:61:3b:
 ee:8c:18:1a:89:9a:29:0d:5c:5b:38:f3:71:3d:61:f0:3f:80:
 33:90:f2:60:53:48:fb:7a:65:c9:5f:1f:a3:e8:75:42:42:f5:
 ad:db:60:29:c6:0f:3c:68:00:7a:2b:38:db:c7:17:b9:4e:d8:
 90:d8:52:bc
 Certificate for CA for example.net in PEM format:
  1. —-BEGIN CERTIFICATE—–

MIIDzzCCAregAwIBAgIJAJajhBdO74pSMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEO
 MAwGA1UECgwFc2lwaXQxKTAnBgNVBAsMIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUg
 QXV0aG9yaXR5MCAXDTExMDIwNzIwMjExM1oYDzIxMTEwMTE0MjAyMTEzWjB9MQsw
 CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpv
 c2UxDjAMBgNVBAoTBXNpcGl0MSAwHgYDVQQLExdUZXN0IENBIGZvciBleGFtcGxl
 Lm5ldDEUMBIGA1UEAxMLZXhhbXBsZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
 DwAwggEKAoIBAQDURmVR+IQctZNHpRUUBuzcKneTEV51FNKIVL0WUN1BP34q5CbV
 ozOwXjcd5ZY3HBxpgKTv/SJ4187Tw96W+4cwiLwGFIBd86vXZD4HMdyXxdYZJrx9
 C/jeXvkP3JpFDyiN3foVVtU1FyiA0vwf1pWVQg4sRzhTrf0OJP2jQzODUmVU2kjY
 3IZC1SasHVJUCFLlP0p2lXeNxvIz8BiHyPxbVF3dZfFc9cj0NlSKtntv+FX42Njf
 qXtARUySD6qyLKGoZNWZIh4oeKDY5VFkPwMUqRJHYYTWsGkaa6Nu2MrOQ1CtV5Yr
 hxXZwhEDsILU8IC/3UT09jkKK+NN0/XnqjTlAgMBAAGjXTBbMAwGA1UdEwQFMAMB
 Af8wHQYDVR0OBBYEFHJwz2YeI6U4/G9Aj4aKr+C5b+nDMB8GA1UdIwQYMBaAFJVF
 fl8r6mWYEpEE82PHaJpYFncnMAsGA1UdDwQEAwICBDANBgkqhkiG9w0BAQUFAAOC
 AQEAcHPAZZwvCTk51qRbled7QzS1ubJdduvvh+Altmir7vj3hcQhR7tsaGL/+IQe
 RFowTs6Xkcw9Q0qLtyUmCGPGcUrBlDWBZt4jneM33jGA7Vi3B6fqh9PM2htiyYLC
 F+YtIOSyaRTLBUM0b7UsYNhEQ/nm6T18VKK52R59Z7s/MjENwYh4qGc59dI+CPc4
 hKaPwj4Azl+0yNqhtS/CiWCkOiu+mOBENK/sf3Mm8ZRbOQm5n5PCnXqWL4JmyE32
 24cAjrwquVFzbMz/5TElsUrQmqnDZTUhiXY9OfiEQqYDDrXJL10YvJ25gvaD3Ssp
 bI0sjEfUfb7eMhOFkjK8YWJr5Q==
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 61] RFC 6216 SIP Secure Call Flows April 2011

 Private key for CA for example.net:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEpAIBAAKCAQEA1EZlUfiEHLWTR6UVFAbs3Cp3kxFedRTSiFS9FlDdQT9+KuQm

 1aMzsF43HeWWNxwcaYCk7/0ieNfO08PelvuHMIi8BhSAXfOr12Q+BzHcl8XWGSa8
 fQv43l75D9yaRQ8ojd36FVbVNRcogNL8H9aVlUIOLEc4U639DiT9o0Mzg1JlVNpI
 2NyGQtUmrB1SVAhS5T9KdpV3jcbyM/AYh8j8W1Rd3WXxXPXI9DZUirZ7b/hV+NjY
 36l7QEVMkg+qsiyhqGTVmSIeKHig2OVRZD8DFKkSR2GE1rBpGmujbtjKzkNQrVeW
 K4cV2cIRA7CC1PCAv91E9PY5CivjTdP156o05QIDAQABAoIBADp/7/pIH7h9vcn3
 z7hGNE50kaGBHuPrSh3yJG4a+O67XbzaRW2I3XzUaiIeHGixoY7duha9Txu4dbJc
 f2JijR4uAIs4aSv7NDdW09VNw3o8NkWWLEnV288Eo2Tgqc8wXz/BleL9nCJWcH4Y
 Jw1rKKwKmTdQpVBCWcPlI9UzduXQdZfBbrsL6+OZ+F3kbvUwYAVhhUuBS9sf4Xib
 5GA2CDLPm433giOS3yr9KigpcLvbhAhMiPTXJ6i65m9xGGCcjhxP/drOH0cNczRD
 yW0FCbaNRJUg9kEVu+n3uG1aVfOnU7RqcblFXgO7ea7G+mfp3Cfm744kvFEXz04k
 8WLW6gECgYEA9lK9mKhMUeB1+xPJB4Za5QvrFc7nLt8ee7/aTNcyMI0l3uXyPDPj
 TNEfgaRobptmwd2HVtXjlQ54fE+pE+qS8dOORh2VFoWi91zI4C8WnM/6j5P+QiXY
 tcZDPF22bmsSW7uaQyaOhUfIMhzox1BbUH5q5YrcA5DmmQtaxcIZ+IECgYEA3J07
 6DamIgy0eJO2GKHU/Hy8RvQZgauzCtmqmLQrWZeOmx9hORe1a71QU5F6Y3HQRcTD
 RDDdJua9Y8BJ0WTkasbRgxjmHQlf4pUdT6ycfWgISbcCNFTosgPH+/OZPEh4DKlO
 rbldUzHPuZdo2Q72KtSPMk+ikny2lCZ9cm2mKmUCgYEAsGoX4fJ/HpDMzrKf4qTG
 Co8bojXZ+wbPVT/Vf/0LtBwTCG3VrGpZG5YWo4n1RWpFEQmwuW9cnE+N2TJQXLQ+
 47Vpiyv6r/OsAM9SCsWOw2ZtBFGw4v0qFR3W37AaTUCgGFTnKbq+jhQX/FQaH02c
 6KxxsM5fvqoTjX7FVycp5IECgYA4Tq1WpHQcpq99Qv4sJUnuM4v+dBj6fq9Q6qNf
 HEUgNc2BDC5NWx7D4+rXmX7qWMc2t3S7N9mKL0RRbGeq2RxvoFUjJ7y71oOxmiuE
 BWNfoqjS37HhV3aY0Nw/EzqeJ0T0vlXFg1Utgb4p+VoaZHYyElSGG8s7pjcXcwd7
 qD7L/QKBgQCeDLKx5T1d/EqwW8KNK5qD/5lG/T0zu3MCDlzCjfs2BHMasv5RALd+
 unMMANDElPHOFs7fSmCfspN8Y7+W15/k9WugpwQfST2Y8dSRVdPFp1FRt8u25yX2
 mdRbU3vJSiAqPEEpKpBolXPxLOeLGvoTHFWSazgmCPIKKxq0wL+0+w==
 -----END RSA PRIVATE KEY-----

Jennings, et al. Informational [Page 62] RFC 6216 SIP Secure Call Flows April 2011

 Robert's certificate:
  1. —-BEGIN CERTIFICATE—–

MIIEJjCCAw6gAwIBAgIJAJajhBdO74pTMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV

 BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEO
 MAwGA1UEChMFc2lwaXQxIDAeBgNVBAsTF1Rlc3QgQ0EgZm9yIGV4YW1wbGUubmV0
 MRQwEgYDVQQDEwtleGFtcGxlLm5ldDAgFw0xMTAyMDcyMDIxMTNaGA8yMTExMDEx
 NDIwMjExM1owVjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
 BgNVBAcTCFNhbiBKb3NlMQ4wDAYDVQQKEwVzaXBpdDEPMA0GA1UEAxMGcm9iZXJ0
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09wUaWtxCSwLD52VCMFk
 IGbvn5wwBjA56xQW2hnMQU2xz/hTW6UNduyXuhYQn+1XtfttS5+P0J8OFac+iMTk
 7zXRY5EgaBj0jju0DwM+oADWwybnV44hkqN6LSFESNsBuVTo3Nbj0bPySyYPP9SZ
 Y+R+FAqycxxfO0E26ZpwvvdPCGtK20QC6LtQZiyYlEWefgEOncOpA7coFSjDzaKt
 qwf2/2n07Lp/S72bKIwNh+Jm0SQ05Xe+ifHJdkw3NDq82Zw29ShgASlc9B56FRk0
 gRzPGgZcD/mBZ9xQCeKo152fNW7/pqiAdGz4oQrzuyu2UYwhvAZyWdCVQtMCLM75
 IwIDAQABo4HNMIHKMFEGA1UdEQRKMEiGFnNpcDpyb2JlcnRAZXhhbXBsZS5uZXSG
 FWltOnJvYmVydEBleGFtcGxlLm5ldIYXcHJlczpyb2JlcnRAZXhhbXBsZS5uZXQw
 CQYDVR0TBAIwADAdBgNVHQ4EFgQUpkK9Yg1rv+5n1Me8CT8LOhKrGc4wHwYDVR0j
 BBgwFoAUcnDPZh4jpTj8b0CPhoqv4Llv6cMwCwYDVR0PBAQDAgXgMB0GA1UdJQQW
 MBQGCCsGAQUFBwMEBggrBgEFBQcDFDANBgkqhkiG9w0BAQUFAAOCAQEAJZnqGh6W
 bU6xnFpDd+o6p6G3Itu51JoeF/cTLrLKgN3JpdthQcaLZa4O/JpGdxbg4j0dIDzl
 1eC4A0FP52m/4EzdzMRRsdovrVjh7cZbBOoer5qJzb5gPJowUX+ZWmtcj1rUuM61
 izF0cLPMXASQ2I22dVX7wdjo2889gOSNL365K6Kenx5v0E5u9/CmYTuem0t4a4Q3
 rZMZDX9GWhh0iYuoGnW/298lQ0tXq6EZLnx7ubVQ7ywfXBiPbGaDYesloyGBLGE7
 7owYGomaKQ1cWzjzcT1h8D+AM5DyYFNI+3plyV8fo+h1QkL1rdtgKcYPPGgAeis4
 28cXuU7YkNhSvA==
 -----END CERTIFICATE-----

Jennings, et al. Informational [Page 63] RFC 6216 SIP Secure Call Flows April 2011

 Robert's private key:
  1. —-BEGIN RSA PRIVATE KEY—–

MIIEowIBAAKCAQEA09wUaWtxCSwLD52VCMFkIGbvn5wwBjA56xQW2hnMQU2xz/hT

 W6UNduyXuhYQn+1XtfttS5+P0J8OFac+iMTk7zXRY5EgaBj0jju0DwM+oADWwybn
 V44hkqN6LSFESNsBuVTo3Nbj0bPySyYPP9SZY+R+FAqycxxfO0E26ZpwvvdPCGtK
 20QC6LtQZiyYlEWefgEOncOpA7coFSjDzaKtqwf2/2n07Lp/S72bKIwNh+Jm0SQ0
 5Xe+ifHJdkw3NDq82Zw29ShgASlc9B56FRk0gRzPGgZcD/mBZ9xQCeKo152fNW7/
 pqiAdGz4oQrzuyu2UYwhvAZyWdCVQtMCLM75IwIDAQABAoIBAAv+Q3GMUYPRaHbj
 1tH+EKr86MfCUb2n8T9rjbefCj8QJOa/CgkAGPkIf7ZbFWnYR8TXjOJhEAUhW+zB
 4PphGwynoUjfqFP8RavfmVvYNS1dnsrBYwtD0oa4lmwDnBf7vec99Ui7KX5vj2HN
 r8NPR7et8a00xdFaY9G46WDkC0nkH8AqMMymY/Vu2KpH0f01hTpFLmxS7We+d3Uq
 mva15GUc8+EL079uphokchr4E0036Ce4luCnqQfOUAKcXCMYK27lG5uue620IXLE
 CqeevZPEn8eqWhSNGl981CF15AEb0tApMcMwrfcbpnQMHQuyQHm2XVewgF0gQGLn
 UA0i6NECgYEA9TrFg3Kuw1Vfi+kztX6IMjW07YgN443NtB/9+sXKoc0Iz6LoPbOT
 VHSVqHHpjicicBUyUa77Kr61HAv7AV0s2FRHAb3M7wOVYGkT52+12o4FH6EMU42G
 ISAcsS4vCfHhYq1T0hC91bIY1XXxuBrpo0yb1RkEaSALHN6arAEgWccCgYEA3Sod
 gEcahQEnu5P8UY5j9yFaBRqVxdQKWnO2trkfLkyVgtvn7ES31EGojVHg23nr5IsK
 IpwFgBiQvEGUgV3dR0Jc5sZTETOweWBLebC/CtZfnhBcCNx8jwX5m/CtTzMHuxVs
 VJ1WpUDn+K7+G8KIK0+Kp5QdOCxXptHRLkGPBcUCgYAVgCulFL8B3VBdQfsIpKlo
 TZEpak5dbydj7ZIlFIZpnUJyggP+tOnr87TTafliP0gjr5gT1VWsL8BNTzeYrQSr
 iugW3P9EzXmhVFUsa3z0RpNobIRaJwRljx0046m4I37xWeUJe/JI9C59OLQSwjlN
 2f+ntWPPm8GdrF6/SfH+LQKBgQCyDaf2kEf/cHCmiXuHxVUhrs4kccTGofE75RDi
 hqNdyPZNhfFvu9srnTivnY2j5MJPGsksF+Qtvpk3lqySghkVt43HlT9nB/A5p5bb
 /7muZexQ+ua9k5UMKElOjDNbIcBFk/fFH26UWG7pPSkC/FhYVg9Q3uOvR7PBcAYy
 cUFN6QKBgBw2k5SDvun41wNV4wxGEli9ia+i4lzg8pwJ1DUxnOcDvlDGzAzCNtW9
 wPoR+jvhK6V6X1mI0tqqcYZ07pC3CJBEtAckHj2Ik+ZAEjQMf+eH62Rcv6Sbozq0
 5dFCBZwzIe2IQomg3J8+OyILSs/uzFkjGjloJIrP+OtPKSrfR+/Y
 -----END RSA PRIVATE KEY-----

Appendix C. Message Dumps

 This section contains a base64-encoded, gzipped, compressed tar file
 of various Cryptographic Message Syntax (CMS) messages used in this
 document.  Saving the data in a file foo.tgz.b64 then running a
 command like "openssl base64 -d -in foo.tgz.b64 | tar xfz -" would
 recover the CMS messages and allow them to be used as test vectors.
  1. - BEGIN MESSAGE ARCHIVE –

H4sIAIpaUE0CA+ybeUATxx7HCSCIHIpoqSIQvFECu5tsDhAEDATQhCsQExTZ

 JBtIyGUSIEREREU8i1ZRqVYERVHUCqKiUBWP1vusXCJeeIv3LfpCaRUpSF8f
 tJXH/JPdmd3fTjYz8/n+fr8JT6LEKSVCCYqTKCMd+YhKp/0LAABEAgHb8Eki
 wp98NhSIQACxIAhDBACGIRDCAiCBQCTqYAGdv6HEKFWIQtsVrkKISD9zXVvt
 jd8F++HzCyl0r+BgD5oXVimUO0fHSITRMndUjUjkYtRRiqqwwb4BTpAjYNoj
 VIg4/37mxBwTgAUp2iNHyBFyBmEAAF24CkTKi3LVUKJoBO5YHJ9MggkaHAUi
 CxASgSvAc3kwgQDgQBzu9zYXhVymULnCAImgfQAdUeO8ZYo4RMFXOmNJ2hqm
 zBk7quV+uZn28FbIJL+1C8QxAkH8h3aeTOLmokIiXXkIWSAgEHimPcYgYjHO
 l+qMZYui49gsdpw/ky9mM33V2mOAwWTDdCpPQ6eFSugsuppOjYbZIraj9rZg

Jennings, et al. Informational [Page 64] RFC 6216 SIP Secure Call Flows April 2011

 dLIzlkwg4bG/vSfTHh48HipXOWMlMWKVUI4oVE5KYaQU5TtgVaha5SQXI0Kp
 AxaRy8VCHqISyqRO8miekoRrmGOf1iv5cocmZhCxClVItU2xqPbJMqkKlapw
 zHg5+sdnuXBlMVI+ooh3JQkAIoULAhRAwKMIINBForUujnRVRiGgi1whU8l4
 MrHrwD92p8EQoopRoAM/PmwcKo1URWlffsPbN+2BwzW33rxfH79xkxbtOFAK
 UAXOS8qT8YXSSGcsVyjV9rXBpA8qFsvs/ozpz/TYRYpIUNdfFy1HOUn58U6q
 UCmXKYUN92gNqFQIL0qirXeJQqR8sbYnrgp0coxQoX1/AqEYbc3KZ78AkIw5
 b2A0IsUn5YUpxlA3MxlzSFu1XxeDAY0AQ4NuI830dPsDxh8vwYDJmCztJd9r
 LwGmAnLQGDAy0AvRN7DQDQkGLQDzhpPuJr8OUaFAppAKEdAc6NlQa2jSPRiR
 Yv1kShQ0A0waqkx7mHTTjnihCrQHhjVUGJtggxvOsUxUqcKOQRUqoaDhtaFY
 jxhVlEwhVMXrGumkZ8+0ZDyYS//YQ9MPPcRguunoJ2N0VHQ7yoWrVx0AzsZi
 RsQC4fra+ID+26b6nduvt7rf1KzYZQUngRPcselYuGo/vwK/OP3EcL3lUgeT
 5wu+dX+cWmm/2bjU7NU50VKHeGmpK/cGM9cqT1D11U6qWM9q8sq6I/fo3247
 9cwy/tDPu53Wi8dePMXNftLfavB1d8Eo/9kpe41EmjERI9+Wu45kWR6brjci
 VDg9+bX60llnp9fZh+7Mu2VCtCq+WG8137EnZmvFFX0zRsCSmISSCuPqja+J
 1+5dXwd7/5i1zHrzbirT+f6Syli/wN1rp2q4e0c4PZ7AeXf0RtHFiXeGPoYt
 +2FPLktnKFYq6m2j9osmpHg+vv9Yjo77iXoooaVBicOZ9tDp3EWCKpVIJIpT
 iZU4BaqUd4QEaIP/AIEENOM/DAH4Lv7/HeU3pGMhbZ/9xzbn/LjgP8l5HokM
 IwCJhFAQMgEGuS1zHk/+SHVlC1h3hgEi2MhugA+QYBgEmoJe2QLpG3vVeA+I
 UPAEPMBtwnt/JkdCp3pB/iyGlvehIgY1WsPWeEbRWUFiOjWEwKB6qTmSEAKH
 GfiB91oT5I+8bw7HX9HYeZaFJvO/g9R/2/Of9Ef9D+Hhrvn/N+v/Vmdka15A
 B6wOrXsBra8X//gS8U+4BC1J79+XKGJTqd3G7y+VodExOF6HRgH+e/8fJgJd
 878z+P8CroDHhfFkMiSABDwC2Ir/T+gQ/59PQUEKD0aaTHYG1VviT/OF2CJe
 PFvjAdJpgXEMUWA8ncUmMCSh0QzIW0RniiUMmu8X4f8L8ESUC8E8MsCDiBCR
 0L7+f3Pr7ej/t2W6y/9vf/8/8HP+v9NPV5eaR6TYVRfWLfhu+1lh9PEH1Yl7
 3jz7fs3BmbkOBuG3w2pqtwGq9cbhC6OdH96zemPjG4apsSHkbVgcoUcehTFK
 OWy7cOCpAU/puqGxdgMgZPODtBLNnvfvJ/vNw+utn/rowmayYapSsrV8Dykr
 oeeNqsQnR8adKxop2bOKs3FLYdEZeeaIqUusqmMYP5nVzdYPybwytua2/eLE
 H1KtuBdqepaMG+w9Fn8y8krfg0ZDhjr1PcK2W385634htWhFRL3aEne7xP2b
 u4b1ewyC5s1GzZ/Pt/LaHLkhZNaNd2YF9k604RuOKkWaQTtOVP5UOGTKnAvB
 MxPUO5e9HvBypdFIe7tcIT/uSkuD8v/A/2/kfyP7USlPES9Xofx2VgBt8R/C
 k5rxn6it6uJ/J+A/SsaDFDJERPB8PpEIEFvhP9wh/Af5EB8gkD7hv8gXr5X7
 AIMZDdI1gQCbFaLVAtEgg+YXxWCFxPmz6ABd5B3F0PA+8B8PEYF/iv//A9L+
 FNHagm6DLZfG1UGlvcQVlcaiYpkc5eO0SwTyKYklf1QSMBFupKYu+BGJepnJ
 ugO1VTa6GB0tHVdo6bhUe/hP0zGoBSjuo1ZeP9XrMm7+knrDUIfaOajutiR+
 1V3a4n2njLBOoePccHmXneaWvBeZ59noD3vlpzFMfBpaqZd229hH1D1sCMOD
 o7vxgaEUfRl33svcUzD95IYZc0PDjqzPej56ZblXwcnKhcJdgUOTVdhizi77
 bUfNr48KjZ0gsN+jCs1aBizgpe9Q7xy1et+m11+dHXyROEVgrS80Of1457vt
 tW/N3Q5gfpyvd9ku0U6j/7Vmh5GqICyaIApP8JwVysod4jd9p/skL/eTD49W
 SZ2KU4vU5iWxo75POZTx3bDM5IlOg3fnw7OKlDdWzJb1DU3LNfd5GRYb/dB6
 q+y8dkzcwoTffGNyxsvum+OjgIQmUgawNjCKSPHBoHr6GF39XrzBx9SKM6eD
 a4oSrqXTD71KCoistLQITlMeYfRj+XKQKK/oVeHiy2nwiITFQZutH/DpQeqc
 vbIj9dH1R+Zd35uQs2ZJfI11vQnV+q7sweLwNN7g0irbvoHyN18Pm7tpV/GI
 rJudnr7/Lv531A6Atv1/uLn/D+DBLv53Av5rf08eAIJ8PAUPCAQAoRX+4zuE
 /xREO6i4hE/9fzaBzvJV+7NC8P5MD5AhiobpLHocR8KOY0C+eAbkpWEwfWF/
 Ju+L8P/xRATSyis+Hw8QBGSY3E7+P6HR/29uvR39/7ZM/3v9//JP/f8j2qpD
 Df5/g3Rp9K676TSPAKzVXpT5r4gANOljVwygpRhA84HZyWMATfnfMMN+DwK0
 pxBog/94EoRv7v8TiV3x/87AfxKfCwoIJBIIk0ABv9X4P7Fj+E+GIJBEIjXh
 Px3yBTlMLzydGtWw/w/mMDlCjihKxKD6SdgSLzWHqm1j8sX+tI/7/2ACgfJv

Jennings, et al. Informational [Page 65] RFC 6216 SIP Secure Call Flows April 2011

 5T+fCBJhlEQgg1wuiof57cJ/kADDjQKgufkOCxh0dJzjC4lBMFqAcvKdjFmr
 L0ziPSuQYdfIDmX9vIJ7ro5zN3koOb1nZXDiqzQj2PxgRPfvt3692MPesDw3
 H0mRFak32LoZXSW5mZVmmHEWzc6t9900ZeP9gYbHTscbvXB5Yuk6d7DnTupR
 zS97Jtkejg3IeTE3/yvh5Ko6cXzQpnFhIJ9SYbN5dIplpR4F7337BfKy5v0I
 zDy7YUxd/zmPbLdcnxc0VVBa+1w1Y0BGVC/r8WGZ5CdzcoQFugTSlKP97Yfd
 t2TaztDc2oZRG848pK4SbVjCjb1sEjbbgDNGrCPKC/ZZ914Usqo/bXj/+OUX
 PHUP6r6ca1RTeHPQnKiHZy3STN8T7+wvs31XNpGZbuJJ+1wIYgGsMP1lVUJ3
 sWn+UVD3lmNSwPnbj/Z7mvZ4ek1i49fPd4PGduPzY/cLy0eNLY9VYZLKAiTB
 K7aM74m3GMg/XX3D/RnboCgzWqWesPS0xb7C07Dt2bQhY0r5C48vzDPpttsi
 gMka8temQZdYbY/tqp8Vq0rvxIKvIg7nF71/PmnMyyzd0mn6eVzNU+dvH2w4
 c8XBuLdN0YSMHBfhvHnjYjg78aylKLrrTOlyN1qF+PRFl1SrGZNnmU+Wjk05
 G+saWZdicn8BeVBe0g/IrbKKiVnCUFr2IltxryU+mccj+kgCvMfeHSVh95o2
 ab7u01UQ5f4O5wr9Q1XXhsfVDPUoM4ms3lTHcGaUbinanG12t/ervoYlR5Kr
 h0tLLdPDfYcrZxUnxkwetmuDXt7+3WXblV6S9L2mPfpaTl2+Zxt31HGR5UNe
 6rSg8xWj7tNcsne/vbDVlTToHJmT3+v2pl599bIm6Cfu3mzn8F4Ve2XiNp9J
 uum46AWJRNo1C3J9SyPzv1arHZv5+bP5H2Lz+A8IduV/OoP+40EkIoSHuDAB
 5PNhiNSK/gM7RP+REAjFAxDcVP9R2fFa7RflT/XAM1heEEfk1bAPJM6fyRHT
 RV5qBssX4rAC4zg0elf+5/8r/9OS9irq/Q20ye8qef/lYGHqhSE33fW2XYq3
 y741iGN17M34p8t81v/80LXGI5uTBsmTX/9wqXxJgtgR8w5fwj1m6D/+kuzO
 6Afb33grxmekZs4qHlT2s5Fx2gK/SaPTE/LOX+13S3eH2RPTx4v8InPrAkXL
 ylIk99TSw5dnJFzRseW4syNMyu5mv9EvOLLubvz9gtCXzwPzw8dfLbccjs/Z
 Bc836zMt7fQUPR2x63T7Z2W1eTHhlx9WX3PLN1h2wTf3GLn7o5ndnu0rDsk5
 f6S8fm2e++pVgWEvnA8cOOF8U2LX7XRAjH+f8rjYwxY5Pr2nDDk+cKKyxP16
 X90sit+xipDua+sYc8N3H/TzXvk57XUUPlpio55RgRXTilZfXJSaFGC1pfdB
 s5D0TSuOD5hWuHzt3rPl05bsKSR3Yz8mrzlhH2NpzbMy/gGXajBNnfSE43YR
 3jvQRg9iL6+snz6pwoPn/HV94cw+GG9j97uh9im0eWfqutI/HV8+ZH5wcVGI
 ChcpU+Ea17N2VAJt7f8Ggeb5HyIJALr4/3eUdgnod02jL3/+d9i/P/5K/hdP
 AqGu+d8J9D8eoUAQl8jnAQJAIMC3ov/xlA7R/6iAyEX4MNo0/wsxhByRL8AQ
 BYkY1ECAzmSDDKr2mMWQ0GkhIJ3qAdGpQVFsyZex/xvPhUEYBSGQS9C+ahBs
 5/xvM+vtmf9tw3RXSO0fCKl1/Qf8jwOzk+d/Ozbz+2fzv1Dz+B9M6Mr/dgb+
 U0gIRERhCpcEESEuvrX9X1CH8B9PoghgLvRJ/lfEjqNr+CI2k41ns4Ki2ZpI
 DV0UAtBpvgS6hgcxRNEgW+MnZmi8voj8L0rmC4goyENhPoiS2+n/Xx/zv83N
 d+V///4YpK+5sXlQ7qprG9+kHLvb+/jC9FWz3JLOJhz8buf0sYWvLZJEonyC
 onxfckRlwZiXgfOhedWnYyUrvZX7qZm93n+1doZqlp1q6uV6z33LdJKzkqYP
 XJmVbNpj1sOoBxllEuvBI3PDCzIy3dZXWA8o8zwmWzddMGi4TsIK0Q690YnP
 fe4s8oUf1bszJ+a9mHln9LAx9Zeu9qrmHYT9LHjGEtOMXzYpKML56DjqwWww
 Ir5oQ/YavXqPIb1rn7yknZzvWTE0bh1ra/+le7utu017fGbLRYtEqxkT5h+0
 BYvZN+qlGT8sujc5Z9pwt0FW7lf3RZwKD0vpbpC8fWeVTnWeM2XY1YT0zXNv
 H9hlEP65IGTqdxYx6wV9Dpw6cfj92UUTM5MCkoyzd7LmbH8q32LdJxeufmUt
 sPcOcre44uI3qPbepldwzo61P+7TDoV+BykDp/YaZ/o0XV9tPouReO1AcX5N
 iGX8pMeM2iGeJC/KxOeVrAyG8V+bBl1itcPFqjQwb7Dj7oQ1dUkbQorP8yfW
 2htNyt+6Ubbo7LJ4KGzr0XdrlG9rWYzDLpHwxutqG/a3dZG8OBtNcrHN0J6U
 GJOcoYsxop0TH+5zCPR+s55IvcY/bH7MOLr+iSSh3m2L46I96u+fWq3BRhVd
 OnfN5O2LPhkO/E3DgkqC7g1L7VNSdYD50x2fKsPb3zn+/CM3K3ZGMOmW7tgz
 KbdrHEu+pdxzwgRnTutflAO+vbloQNVAv8gZS/IZw3NPXPLTF11OSZsyflKV
 Jj09cwhSOj5reG1B/iNJoMFKNWJa7rx+dXbhbOMk89Lc/7RvxzQMAgEARRkw

Jennings, et al. Informational [Page 66] RFC 6216 SIP Secure Call Flows April 2011

 wNSEMOLlFDBVBGMnFhJsYAABZ4LuJUwkJZCgoQQDdcB7Gv768/VRHG01vNNt
 emZ7DOdvjHOoX11ffrLl2/wL8wbDIgAAAAAAAAAAAJBchjiJbgB4AAA=
 -- END MESSAGE ARCHIVE --

Authors' Addresses

 Cullen Jennings
 Cisco Systems
 170 West Tasman Drive
 Mailstop SJC-21/2
 San Jose, CA  95134
 USA
 Phone: +1 408 421 9990
 EMail: fluffy@cisco.com
 Kumiko Ono
 Columbia University
 1214 Amsterdam Avenue
 MC 0401
 New York, NY 10027
 USA
 EMail: kumiko@cs.columbia.edu
 Robert Sparks
 Tekelec
 17210 Campbell Road
 Suite 250
 Dallas, TX  75252
 USA
 EMail: Robert.Sparks@tekelec.com
 Brian Hibbard (editor)
 Tekelec
 17210 Campbell Road
 Suite 250
 Dallas, TX  75252
 USA
 EMail: Brian.Hibbard@tekelec.com

Jennings, et al. Informational [Page 67]

/data/webs/external/dokuwiki/data/pages/rfc/rfc6216.txt · Last modified: 2011/04/06 00:22 by 127.0.0.1

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki