[SR-Users] STIR/SHAKEN public key
David Villasmil
david.villasmil.work at gmail.com
Thu Nov 4 19:34:34 CET 2021
Thanks Oleg,
Yes i have the certificate. The public key was my confusion.
Regards,
David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
On Thu, Nov 4, 2021 at 6:19 PM Oleg Belousov <obelousov at gmail.com> wrote:
> Sorry, David if I was not clear.
> x5u should keep the url to the service provider certificate. As per shaken
> framework that certificate to be issued by Certificate Authority (CA), That
> CA is a company which is approved by Policy Administrator to issue shake
> certificates. It is indeed a bit complicated - please check ATIS-1000080.
> --
> obelousov.tel
>
>
> On Thu, Nov 4, 2021 at 6:03 PM David Villasmil <
> david.villasmil.work at gmail.com> wrote:
>
>> Thanks Oleg, i misunderstood all that.
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work at gmail.com
>> phone: +34669448337
>>
>>
>> On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov <obelousov at gmail.com> wrote:
>>
>>> Hi.
>>> It should be certificate issued by CA certified by the Shaken Policy
>>> Administrator (iConnective in US)..
>>> --
>>> obelousov.tel
>>>
>>>
>>> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
>>> david.villasmil.work at gmail.com> wrote:
>>>
>>>> Hello guys,
>>>>
>>>> I'm testing with 2 providers right now, and one of them is asking me to
>>>> include my whole certificate on the
>>>>
>>>> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>>>>
>>>> like:
>>>>
>>>> *secsipid_add_identity("$fU", "$rU", "A", "",
>>>> "https://kamailio.org/stir/$rd/cert.pem
>>>> <https://kamailio.org/stir/$rd/cert.pem>", "/secsipid/$rd/key.pem");*
>>>>
>>>> but it is stated that:
>>>>
>>>> *x5u is the HTTP URL referencing to the public key that should be used
>>>> to verify the signature;*
>>>>
>>>> One provider is asking to put the cert there, the other hasn't asked
>>>> that yet.
>>>>
>>>> So i'm a little confused, should the x5u be the actual cert (with its
>>>> intermediary?) or only the public key?
>>>>
>>>> Regards,
>>>>
>>>> David Villasmil
>>>> email: david.villasmil.work at gmail.com
>>>> phone: +34669448337
>>>> __________________________________________________________
>>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>>> * sr-users at lists.kamailio.org
>>>> Important: keep the mailing list in the recipients, do not reply only
>>>> to the sender!
>>>> Edit mailing list options or unsubscribe:
>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>> __________________________________________________________
>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>> * sr-users at lists.kamailio.org
>>> Important: keep the mailing list in the recipients, do not reply only to
>>> the sender!
>>> Edit mailing list options or unsubscribe:
>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> __________________________________________________________
>> Kamailio - Users Mailing List - Non Commercial Discussions
>> * sr-users at lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20211104/d1925e9a/attachment.htm>
More information about the sr-users
mailing list