<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Not sure if it was clarified or not, but it should be an https URL from where your certificate can be downloaded, not the actual certificate itself.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:black">Ben Kaufman</span></b><span style="font-size:12.0pt;color:black"><o:p></o:p></span></p>
</td>
</tr>
<tr style="height:12.0pt">
<td style="padding:0in 0in 0in 0in;height:12.0pt"></td>
</tr>
<tr style="height:6.0pt">
<td style="padding:0in 0in 0in 0in;height:6.0pt"></td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> sr-users <sr-users-bounces@lists.kamailio.org> <b>
On Behalf Of </b>David Villasmil<br>
<b>Sent:</b> Thursday, November 4, 2021 12:00 PM<br>
<b>To:</b> Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org><br>
<b>Subject:</b> Re: [SR-Users] STIR/SHAKEN public key<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Thanks Oleg, i misunderstood all that.<br clear="all">
<o:p></o:p></p>
<div>
<div>
<div>
<div>
<p class="MsoNormal">Regards,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">David Villasmil<o:p></o:p></p>
<div>
<p class="MsoNormal">email: <a href="mailto:david.villasmil.work@gmail.com" target="_blank">
david.villasmil.work@gmail.com</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">phone: +34669448337<o:p></o:p></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov <<a href="mailto:obelousov@gmail.com">obelousov@gmail.com</a>> wrote:<o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<p class="MsoNormal">Hi.<o:p></o:p></p>
<div>
<p class="MsoNormal">It should be certificate issued by CA certified by the Shaken Policy Administrator (iConnective in US)..<br clear="all">
<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal">--<br>
<a href="https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fobelousov.tel%2F&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732872628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tGrsS8EC2s%2BbcpseVdLDm0Z7NHSeIrklPzzAJC3TskE%3D&reserved=0" target="_blank">obelousov.tel</a><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <<a href="mailto:david.villasmil.work@gmail.com" target="_blank">david.villasmil.work@gmail.com</a>> wrote:<o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif">H</span>ello guys,<br>
<br>
I'm testing with 2 providers right now, and one of them is asking me to include my whole certificate on the
<br>
<br>
<b><span style="font-family:"Courier New"">secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)</span></b><br>
<br>
like:<br>
<br>
<b><span style="font-family:"Courier New"">secsipid_add_identity("$fU", "$rU", "A", "", "<a href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fkamailio.org%2Fstir%2F%24rd%2Fcert.pem&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732872628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=9hcmnq0bD4n89HczPIHjyb54ZDdi8RBfwP%2FqyjoQuas%3D&reserved=0" target="_blank">https://kamailio.org/stir/$rd/cert.pem</a>",
"/secsipid/$rd/key.pem");</span></b><br>
<br>
but it is stated that:<br>
<br>
<b><span style="font-family:"Courier New"">x5u is the HTTP URL referencing to the public key that should be used to verify the signature;</span></b><br>
<br>
One provider is asking to put the cert there, the other hasn't asked that yet.<br>
<br>
So i'm a little confused, should the x5u be the actual cert (with its intermediary?) or only the public key?<br>
<br>
Regards,<br>
<br>
David Villasmil<o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal">email: <a href="mailto:david.villasmil.work@gmail.com" target="_blank">
david.villasmil.work@gmail.com</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">phone: +34669448337<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal">__________________________________________________________<br>
Kamailio - Users Mailing List - Non Commercial Discussions<br>
* <a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
Important: keep the mailing list in the recipients, do not reply only to the sender!<br>
Edit mailing list options or unsubscribe:<br>
* <a href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732882586%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uRjM0WyJo9gGwBRdIWdceKbmlet40rpx1ack%2BYuglz4%3D&reserved=0" target="_blank">
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal">__________________________________________________________<br>
Kamailio - Users Mailing List - Non Commercial Discussions<br>
* <a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
Important: keep the mailing list in the recipients, do not reply only to the sender!<br>
Edit mailing list options or unsubscribe:<br>
* <a href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732892544%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=o4mIwPXxb6Vp%2BTbDXcV7DBkC1TCIq%2BjaTPk6T1ZYvck%3D&reserved=0" target="_blank">
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><o:p></o:p></p>
</blockquote>
</div>
</div>
</body>
</html>