Cisco SRP521W-K9-G1 Administration Guide - Page 112
Secure Call Details, Encrypted Master Key 16B or 128b
View all Cisco SRP521W-K9-G1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
6 Configuring Voice Configuring Dial Plans The signing agent is implicit and must be the same for all devices that communicate securely with each other. The public key of the signing agent is preconfigured into the SRP by the administrator and is used by the SRP to verify the Mini-Certificate of its peer. The Mini-Certificate is valid if it has not expired, and it has a valid signature. The SRP can be configured so that, by default, all outbound calls are either secure or not secure. If secure by default, the user has the option to disable security when making a call by dialing *19 before dialing the target number. If not secure by default, the user can make a secure outbound call by dialing *18 before dialing the target number. However, the user cannot force inbound calls to be secure or not secure; that depends on whether the caller has security enabled or not. The SRP will not switch to secure mode if the CID of the called party from its MiniCertificate does not agree with the user-id used in making the outbound call. The SRP performs this check after receiving the Mini-Certificate of the called party. Secure Call Details Looking at the second stage of setting up a secure call in greater detail, this stage can be further divided into two steps. STEP 1 The caller sends a "Caller Hello" message (base64 encoded and embedded in the message body of a SIP INFO request) to the called party with the following information: • Message ID (4B) • Version and flags (4B) • SSRC of the encrypted stream (4B) • Mini-Certificate (252B) Upon receiving the Caller Hello, the called party responds with a Callee Hello message (base64 encoded and embedded in the message body of a SIP response to the caller's INFO request) with similar information, if the Caller Hello message is valid. The caller then examines the Callee Hello and proceeds to the next step if the message is valid. STEP 2 The caller sends the "Caller Final" message to the called party with the following information: • Message ID (4B) • Encrypted Master Key (16B or 128b) 112 Cisco SRP500 Series Services Ready Platforms Administration Guide (SRP520 Models)