 So, so far what we actually had done is looked into a wipe system a possible design technically I am not still gone into actual stuff. So, first thing that we figured out there was a indexing server requirement. If it is a purely wipe system where only where all end clients are actually on the net and they are all IP capable. And secondly then I moved on ok this is actually not a proper system if you want to implement because conventional telephony will exist for time to come. So, I introduced the concept of media gateway, so media gateways where if you are on the conventional side you will see as if the system is like a conventional telephony system or conventional exchanges are there conventional network. And if you look from the IP network side all conventional telephone end points will look like as if they are wipe end points. That could be one approach and SIP itself or any other protocol H dot 3 to the can be used to control the media gateways in that case. But usually this is not done because now maintaining so many wipe instances in a media gateway is going to be complicated. So, a separate media gateway control protocol actually was evolved that was the reason why mega co actually was evolved. And of course, one more thing which I clarified yesterday was that media transport all media encryption and whatever media will be transported or whether you are going to do the control of the media once the session is set up is not going to be handled by SIP usually is a clear demarcation which was done, but some designs actually do not follow this. SIP by design does not do it, but Skype for example, call control other things are part of the signaling itself they do not demarcate these two things when we implemented breast pathasing we also have not done this demarcation. So, we follow a different architecture because of course, ours is not a wipe is not a telephony system it is a lecture delivery system. But SIP technically can be used even for setting up of this live lecture delivery system also SIP is very generic in that sense. So, so far everything is fine, but the problem is security I have not mentioned about security and I have not also introduced I have introduced in a sense something called register or indexing server I have not introduced so far what we call proxies only reflector node I have told what is a reflector node. Relector node is for media streaming so, when I said that when you are behind a firewall in this network you want to talk to somebody who is also behind a firewall so, they cannot communicate directly because only outgoing TCP connections or UDP connections can be set up incoming it is not possible because these gateways usually will never permit an incoming connections even if you send a UDP packet unless there is a table entry here mentioning that a packet which is coming on this particular IP address and on this port number has to be transferred to the destination port number and IP address has to be changed to another entry. So, there is a corresponding inside entry and there is an outside entry. So, inside IP address entry will be for all the IP addresses which are used inside port number used by the actually the client outside is the IP addresses it can be one or it can be multiple a bunch of them which can be allotted to the netting router and the port number. So, these maps are usually unique and that is how the translation happens here. So, incoming will be permitted if this table entry has been made. So, usually it will be done if for example, you want to send an UDP outside then on the reverse actually the packet time can come till the time this entry is made and the policy permits it. For UDP TCP you can only set up the connection from inside to outside, outside to inside usually it is not permitted because table entry itself will not be there. So, you cannot set up a connection from outside to inside. So, usually something which is there on the internet will be used. So, this guy will set up a connection all the way to this node, this guy will also set up a connection to this node remember these will initiate and these will now maintain the entries and this will act as a router peer. We call it a reflector a Jexta pose Jxta terms we call it a router peer router peer is router peer some people call it reflector some people call it super nodes, but technically they are all same things they are different terms actually being used because there is no standardization of terms. Now, in wipe system this is we actually can have something is we call it a media gateway is connecting to medias, but most of the time this transport will be can be UDP TCP, but if you are this is not a netting gateway it is a proxy router this will be HTTP tunneling. So, if this HTTP connection will be periodically fetching the whatever is stored here and keep on through a post method keep on pushing the information. So, that is what I mentioned SIP does not bother about it SIP assumes that two end points can talk directly if they cannot talk directly it has to find out a intermediary and they should be able to talk to intermediary and intermediary can do this whether they will use HTTP tunneling UDP TCP that is not the headache of SIP headache will only give the session description and the end points once they are connected through a signaling path they have to figure out how they will set up this connection whether they will use a reflector or not whether they will use HTTP tunneling or UDP or TCP for different media streams is they have to decide by negotiation between themselves for negotiation they can use SIP. In our design we actually have an intelligent client which figures out whether you are behind a proxy or not behind a proxy and based on that it automatically switches over to one of the two options it is not through negotiation between end pairs. So, this is slightly more conservative kind of design not very flexible SIP also does the very similar thing the client figures out whether it is behind a proxy or it is not behind a proxy whether it is behind a netting router or not behind a netting router and based on that actually it will figure out what will be the connection mode. So, Braspati sync system is very similar to Skype in that sense the client capability actually SIP does not bother about it SIP is the end pairs have to negotiate and figure out what is the best method and they will do that way. So, I think that till this part we had come so far, but again before I move over to because there is still a question somebody can always make fool of the system can enter into the system how you will know that other guy with whom you want to talk is actually that guy indexing server with whom you are trying to talk is actually the indexing server how that problem will be solved I have not talked about this thing so far. So, what I am going to do is I am going to give a generic security system because I think that is an essential requirement before we move forward and then we will move to SIP's basically SIP architecture what is that. So, fundamental principle let me actually one of the simple idea of in security system one thing which we always need to do is authentication. So, you verify who is the person who is trying to talk so who is the who are you basically that is a question which will be answered second thing which one always need to look into this thing is authorization what you can do what you are permitted to do that is the answer which will be given by this mechanism these two things usually need to be answered and in any security system the best thing is that you always become very conservative you do not worry about the whole system. Usually I have seen this thing happening even with the lot of students when they build up their projects or they write software or they build up a design they actually assume lot of things. So, this should never ever be done so whenever you write a distributed system you assume you are an entity which is participating that entity will be transacting with lot of other entities for every transaction it has to be ensured that other person with whom you are transacting is the person who actually he is telling that he is if he is saying I am so and so ABC he should be ABC but that is one thing and secondly you have to check with your own access control list usually we call it ACL your own structure data structure or somebody whom you know again that also has to be authenticated from him he has to get what all permissions has been given to this person and based on that you will allow but it is your discretion so you have to actually safeguard your own local domain every entity has to do that in distributed system design. So, if you have multiple entities we have to now think as if you are each one of those entities and see if you are satisfying this particular requirement that every transaction which you are making with anybody you are checking who is the other person you should never miss out even one single operation where you if you are not doing that you are vulnerable and you should always check whether authority has been given to him or not for doing what he is trying to do is basically he is give trying to execute some command by sending a message you are doing something and sending him information back you are responding so you will only respond successfully if he is authorized to execute that method and when you are going to request other person is going to check. So, this is if you are acting as a server so requesters only you are verifying now there is another thing not only requesters need to be verified when you make a request to somebody as a client you have to always ensure that you are requesting the right guy somebody who is spoofing can actually say I am a server is sitting in and you have a faith in him you go at that particular place give pass on all the information then he can manipulate everything. So, even when as a client you are connecting to somebody say indexing server you should know this is the right indexing server what he is what he is saying now how this will be done. So, how you know that ww.gmail.com is actually the gmail's server what you are getting is ww.gmail.com is going to domain name services in turn you are getting back an IP address how do you know this is gmail's IP address you are querying only IIT Kanpur site and if some student hacks our DNS server and gives a different IP address puts up a server in IIT Kanpur itself. So, you will get that particular server IP address you will log in and if we can create a same GUI you will say it is a gmail you will put login password and password will be trapped DNS poisoning this what we call. So, DNS actually can be a one of the most weak links in this kind of system. So, we have to even take care of this. So, what is the most basic system for authentication which we use which you are aware of login and passwords right shared secret we call it in the two ways of handling this login and password mechanism we call it a challenge and response. So, usually what happens is most of the systems for example, gmail when you go there you have to first of all do a login and password you have to provide you try whatever it is it will always come to this default screen and once it comes to default screen the problem is you have to put your login password session key will be given to you and after that session will be tracked on both sides and so far you give the right session key that side will know who you are. So, your identification is bound to the session key. So, with every transaction you are not being authenticated remember only in the first transaction you are authenticated a session key was given to you it is known as cookie actually in a web browser system and that cookie is always transacted and cookie expires a new cookie will be given and with that he will know that who you are for the whole session till you log out. But, once I need cookies to be generated then you can open it. Not necessary I will now I am now coming to that picture now in certain web servers you have logged in for example Facebook is a very good example Facebook LinkedIn both actually use the same thing you have logged in to the system you do not log out you are simply close your browser next time you start the browser go to www.facebook.com and interestingly you will find out that the guy is still remembers who you are and he is just logs in into the session you do not have to give a login password how that thing happens because it is using what we call persistent cookies which are there for certain time there is a random string. So, when you do a login and password login that time that cookie random string is generated by the server given back to you and this is stored in your browser. So, browser if you look carefully cookies is stored for cookies are random string for a certain site. So, whenever in HTTP message is sent HTTP request is sent to that server this cookie will be going as one of the fields in the HTTP request. So, whenever you try www.facebook.com your browser by default has a cookie for Facebook it will send that cookie to that Facebook thing and that Facebook guys looks at there is a cookie which has come along with the request. So, must be session must be on. So, once the session is on it will search this cookie was signed to whom. So, it will then figure out from the database cookie was assigned to you and most likely the same cookie is only assigned that cookie is only assigned to you is a randomly generated string remember if it is by chance signed to two persons you might end up in logging in some somebody else actually that is also possible, but that chance is extremely rare because cookies pretty long. So, if you look at cookie at any point of time there is large number of characters and each character require 8 bits. So, is actually is a very very large number much larger than the total population on the earth or total number of logins in the Facebook system. So, it is pretty much safe system and of course, once it and some once in a while you will find systems where even if you log in suddenly in the in between they will ask for verification because actually there was no login it was using a persistent cookie. So, they will do a periodic check Gmail usually does this once in a while suddenly you will say blank screen you have to log into further continue you have also do the same thing. Now, banking system do not use this kind of mechanism banking system if you try to go to another back screen or try to do you can never do this they are doing still a smarter thing. Now, every STTP request will send a cookie when the response will come a new cookie will come which will get stored and that cookie has to be used for the next response. So, for every transaction cookie keeps on changing the moment you try to use a back button or something which is going to an older page for that older page it will not permit because it actually remembers that when you do the back the older request is going which is having a different cookie older request command is sent actually. So, unless the new cookie goes it would not accept. So, you can only do the forward transaction you cannot go back actually for every request there is a separate cookie new cookie gets generated and with every response a new cookie comes and replaces. So, it is not a persistent cookie it is a non persistent. So, if you log out and log in the older cookie will not work and it is only works for certain time. So, if you are not going to send another STTP request within certain time they will time out and remove the cookie that is still better security system, but there as just now what I am telling is the server is authenticating you, but how you are figuring out that gmail is actually gmail is not being created by as a fishing site or something by the server. Now, that is where the concept of security certificates will come because I think this is extremely important most of the peer to peer system will ultimately or are actually the ultimately using going to use security certificates for authentication. There has to be two way your machine actually is doing two way authentication when you are logging into gmail and how it is done for gmail you are always using something called a STTP s. You are not using STTP you are always using STTP s if you carefully observe for gmail session. Facebook session you should be using STTP s if you are not using you can be vulnerable to fishing actually in that case. Fishing is different in the sense fishing is sending a URL in the email which is hidden as an link behind certain text. So, sometimes if you know where it is being redirecting once you click on there you can figure out this URL is not matching and never ensure that you never try STTP. So, whenever you are doing banking or anything which is require security you need to authenticate a server make sure it is always STTP s. STTP s does two things you can authenticate a server and you can also create a encrypted channel from your browser to the server because that is also one of our requirement. I have to authenticate user I have to authenticate servers servers have to authenticate another servers and I have to always keep the channel secure. Remember how the two clients are going to get connected the indexing server will tell this guy the other guy is on this port and this IP address you will tell him this guy is on this port and IP address then they will make a connection. When this information is transacted only indexing server is knowing and you have faith on indexing server. If indexing server is spoof what it can do is it can now use a media gateway in between root this call to this and this guy is root call here and it can do the tapping of the call. So, all snooping will be done can be done in that way. So, if you can and this can be done if you temper with DNS. So, DNS is most well and so do not believe on DNS DNS only gives from a name and IP address. Once an IP address comes then you have to further verify that guy whether that server is authentic or not authentic. So, how that will be done you can log give a login in password, but how that guy will give a login in password to you gmail cannot log in into you and you cannot. So, gmail has to remember all login password for so many users and provide them a credentials no it is not going to be done that way. So, we use something called certificate. So, you have all of you have actually ID cards. Now, I am coming to this concept. These ID cards are usually signed by dean of student affairs and a dean of students affairs ID card is signed by director. Director's ID cards are signed by somebody I think chairman of the board. His ID card must have been signed by the somebody in the ministry and his ID card ultimately it goes to the president of India who is the first citizen and we assume that everybody knows how the signature of president of India looks like. So, it is a well known signature well known public key or we call it. So, it is extremely important. Similarly, it is like bank notes. Bank note is nothing but a piece of paper technically speaking. What is important is there is a promissory note written on that and there is signature by RBI governor. So, I can also prepare a note and I can sign with my signatures you would not accept it. It is only RBI governor's because essentially he also has been given an authority through a certification chain. So, this is what we call concept of certification chain and there is always going to be somebody who is a master on whom everybody is going to have the faith. So, this is what we call certification authorities being created from root onward till the user certificate which is going to be used for authentication purposes both ways. Now, when you talk to another guy who says I am also from IIT Kanpur, you also say I am from IIT Kanpur. How you verify both of you exchange show your ID cards. So, you know exactly his name is X, Y, Z and that is written on the ID card. Your name is ABC because that is written on the ID card. So, you cannot fool each other verify each other's ID card both of them have signature of dean of student affairs perfectly fine. Both of you are aware of the signatures of DOSA. So, you verify. Unfortunately, he does not have a photocopy or a copy of DOSA certificate. So, DOSA changes you do not know if you do not know the DOSA signatures you are doomed, but somehow you can go to website and verify signature and so on. If the verification can go till the root it will be fine everybody need to know only the root authority signature. So, this is the essential trick which we will use. So, root authority for security certificates are existing one of them is actually very sign then many of them are there very sign is the most popular one. So, lot of agencies become certification authorities and you can apply for a certificate and you will get a certificate, but what is the certificate now. So, we use something called PKI public key cryptography infrastructure actually in this case. There is only one problem here the certificates when they are revoked and if you cannot verify the revocation list then there is an issue. We will also face the same problem actually here. Nobody has a solution, but we assume that most likely problems will be very very rare and whenever you have a chances of revocation make sure the certificate validity period has to be small. So, there is a very small vulnerability period which will be there only very few people will be vulnerable in that case. So, in PKI public key cryptography infrastructure we call it. We can always generate two keys I am not going to go into details of how this is done, but this is technically possible. So, there is a key pair public and private key. So, there is a method by which this can be done. Now, important thing is I can generate something known as keyed hash. So, before this what is a hash? Hash is you take in whatever is the box which is this is a hashing function you push in whatever is the input it can consist of any number of strings it is a material and there is a iterative procedure by which you can compute and you will end up in getting a say 128 bit hash. So, 128 bit code you will get after this. So, all possible messages which are there or sequence of strings can be mapped on to 2 raise power 128 possibilities if it is a 128 bit hash. So, many messages will map on to the same hash, but I need to have only 128 bit that is important message size is independent. Now, one of the important thing there is something called keyed hash. I can input something and I can also input a key and I can generate a keyed hash. Even if the message is same if I keep on changing my keys my keyed hash will also be different. So, very simple thing if you remember certain key I also know that key we share certain key and you send a message to me message is not encrypted, but you attach the key generate a keyed hash you send me the message you send me the keyed hash anybody can know it see no issues once it comes to me I also know the same shared key. So, I can put that key along with the message generate the hash this hash will be the same which you have generated and sent it to me somebody tempers the message in between message now consists of message plus the hash. If hash is modified it will not match I will discard the message it has been tempered message is tempered then also hash will not match he cannot temper with the message cannot generate a new hash because no only 2 persons are knowing the key. So, this is going to ensure the integrity between the 2 people who share a secret. Abhi I am only talking about a shared secret common key I am not come to this public and private key thing. My question is how we exchange the keys with the. That is not required I am coming to that situation I can verify message was sent by you I have not still come to public and private key business. So, this is what we call integrity check and if you want to actually do encryption you can actually also use this key to do this encryption they have methods available. So, you will get encrypted message and on encrypted message or encrypted message you also generate a hash and that hash and encrypted message also can be sent you can verify because you know the key no tempering has been done first thing you have to always even for encrypted message. If you are sending encrypted message for me and there is no hash for me to damage the system is very simple I can change some characters you will decrypt you will get a wrong message you have to always check also the integrity before you do decryption. Encryption only hides the message encryption does not check integrity. So, integrity check is separate and security is separate they are two separate thing. So, this temper proofing now if I have these two systems I can always use a private key here I will get a message plus keyed hash this can be transported I can again push in whatever is this message which has been received and I can put now the public key only thing which I can verify I cannot generate the hash because if I can generate the hash very well I can modify the message generate a new hash and sent it actually hash can only be generated by private key or the other way around actually either this will be private key or if it is it can be a public key. So, if I am using private key for generating the hash I can only verify the integrity with this I cannot generate the hash. So, integrity check will be done here that ensures if public key from can be used to verify that the proper hash hash is actually proper whatever is the current existing hash is coming is proper or not proper only that thing can come I cannot generate with this actually the same hash otherwise technically there is no security when this message plus hash these two things are going to be pumped in sorry I have put it public key I can get an answer yes or no whether match happens or does not happen. So, what the yes and no if it is yes it says whatever was the corresponding private key indeed that was used to generate the hash for this message plus hash combination no it is not it is available it is open, but if you for example, tamper with the message you do tampering with the message in between though incorrect message plus hash when you will generate I know what is the hash bits I can this whenever I will use public key it will give an answer no I cannot generate hash with public key if it is already generated by private key I only can get answer yes and no the way you do CRC hash is a mapping is an ordinary mapping many to one map many to fix number of mapping for example, hash is signature only hash is signature only hash is signature only yeah right right right right right right public private actually hash is keyed hash are slightly different because of this you cannot generate keyed hash if you generate with public key you have to verify with this private if you generate with private you have to verify with public there are both sides of same point both sides of the same point same point. There is a pair this actually is more computationally complex that is the only problem whenever I am sending a message to you and I want only you to understand the message I am not talking about encryption as of now encryption will never be done with a private key I have to tell you one of the very important thing if I start doing encryption of a long message with a private public key pair it will be computationally heavily inefficient it is never done. So, what is the way it is done is I will send you a symmetric key which is used for encryption of a proper of the message key is not known to you for that small key only I will use your public key for doing the encryption nobody else knows your private key. So, other people cannot decipher what was the key transfer to you with your private key you will now decipher first of all decipher the key and then with that key the remaining message will be decrypted. So, message can be securely sent to you, but you have not like figured out that whether the guy who has sent you the message is authentic or not you have not verified that only thing I have ensured it has only the right guy can actually get the message out. If you also have to identify whether I am the right person who have sent the message another operation which is need to be done on this. So, I have to now sign this whole thing with my private key you will know my public key and with that you will verify whether it is the I actually who has signed that thing or not, but you also are having a faith because whatever because my public is known to everybody, but private key is not known, but how do you know that my public key is correct. So, I am now coming to that certificate thing what technically certificate is. So, this is what we call basically this mechanism will be used for encryption this will be used for authentication both ways. Now, what is a certificate? Certificate usually will contain what we call details of say server for example, it can be anything. So, but mostly when you go for www.gmail.com certificate says this certificate is for www.gmail.com this is having this particular IP address and this certificate will also contain a public key of this server private key is only known to this server public key of this server then it will also contain that it has been signed by very sign very signs public key must be there with you it must be there with you or if you have only very sign, but this guy has bought something from MTNL for example, or BSNL it has bought the certificate it will say this is being signed by a certificate of BSNL BSNL public key is this and BSNL certificate has been signed by very sign very signs signature will be there and very signs public key can also be there and I can always verify that this thing will be a stored certificate in your browser it always updates periodically in Windows Microsoft Windows its update whenever the Windows update will come that time these certificates root certificates we call them they will get updated whenever you will update your Firefox that time Firefox internal certificates get updated you can even install your own certificates so if you have faith you accept it for example, if you do HTTPS for Brahaspati sync or Brahaspati it gives you a certificate that certificate is not signed by very sign your browser immediately given warning this certificate is not signed by very sign it is only self signed certificate would you like to accept it do you have faith on the server on which you are connecting so in that case usually my purpose is not for server authentication or this thing because I am not maintaining those kind of critical info it is not a financial transaction for that matter you are only looking at course material, but you want your password should not be seen by some intermediate guy who is sniffing on the channel so that certificate once it comes so public key of the server is available private key is with the server which I have actually installed in a file and that file is only read only for that user it is not visible to anybody else I have hidden that actually there so these two things public private key will be used to create a shared secret between these two so what happens is they actually exchange some random strings and these random strings are passed I think unencrypted as well as encrypted both ways and both of them will then compute using these keys shared secrets which have been transacted common shared secret actual shared secret is never transacted over the thing they compute it and both of them will in turn will compute the same key and that is what will be used to create a secure channel so nobody can tamper nobody can sniff what is being transacted so before you do login and password currently if you do not use sttps your login password can be seen by anybody who can sniff on any router or any switch if you use sttps then it cannot be it is sttps this kind of mistake that those people would not do I am sure that is sttps I have been using that I think and most of the servers are sttps now this is the kind of certificate which will look like so you have already logged into something you know the what is the destination IP address from source IP address from which it is coming this was the URL which was used and this guy will also you will can send him a random string and ask him you kindly sign it and send it back to me I will verify with this thing so that is possible or what you do is you say ask him to send me a random string as well as signed version of it so he sends a unencrypted random string and the hash of that these two can only be generated by that person nobody else can generate third party cannot generate because it will not match with this public key and that way you know this gmail actually is gmail.com it is not somebody else so that is a very simple check which can be done and that is how you will authenticate the server and it is always you will fulfill the chain till you find out that ultimately somebody has signed the certificate chain whose public is there in your key store in your certificate store you can actually see all these tokens these are known as built-in token security tokens in the browser. In fact this need not be a browser this can be even your software which can do this job so Braspati Singh client actually does that it is a Java client written in Java which all actually also does the same thing it checks for the server so we do check the authenticity and especially we have been actually using a trick that is not that anybody can install an indexing server and they will you can start using it you cannot because we always are in a master we are all indexing servers in the world have to be listed otherwise you cannot join a Braspati Singh client session actually it is not possible so we have done the system in that way so I think this is what will be the basic framework which will be used now there is another important we are talking about a peer to peer systems so one way as I told I will now use this security certificate mechanism for authentication with clients so a Skype I think technically has been doing because of the way it behaves that gives a guess most likely to using a very similar system first time when you will start the client you will always get a login and password. If you actually have a certificate issued to you by an MTNL where the certificate chain can be verified till the root certifying agency then it is fine you can install the certificate and you can always generate a random string sign it and send both to the other guy other guy can verify from your certificate your certificate can be verified through a certification chain and he knows you are ABC other guy also does the same thing and you know he is also XYZ but that actually means every user in this world require a certificate and not only require a certificate he also has to remember a long private key so remembering a password itself is difficult if it is more than 15 or 16 characters you have to have some sentences you will take first and last all combinations and you remember it that way by using everybody has its own algorithm of remembering the passwords. So 128 bit hex key if you are going to remember is going to be help for a person so usually you get a USB stick or something as you are where the private keys is stored if that is lost you are gone and then what you will do if it is lost because now private keys has been compromised so we create what we call CRV certificate revocation list CRL we call it yeah now this is maintained at the certification authority whichever is there so whenever this certificate will be presented your browser if it is connected directly to the net we will actually try to connect to the server which is signed this find out the CRL there in fact it will keep on doing it till it goes to the root and root will maintain a CRL it will verify that none of the certificate should be there in that certification revocation list certificate expiry will be part of the design and since it is already signed by certification authority it cannot be tampered with actually and usually the procedure is there when you want to generate a certificate you can do it on your machine actually you can put all the entries and everything and there is open SSL utility which comes is available on all the next boxes so you can generate your own certificate and you will generate your own private and public key private key will be there in your file now this certificate you can submit to the site you have to also submit all your documentation they will verify these addresses and everything all things are authentic and then he will sign with his private key and signed certificate copy he will send which then you can use your own certificate also you will be signing with your own private key also to ensure even so others guy cannot tamper it and this whole package itself will be signed by somebody else and he will attach his own certificates and sign this is the way everybody keeps on doing it you have the complete chain because of that it is your choice people can have is actually from say few days to 12 years 13 years so that depends if you know that there is a possibility of tampering with certificates certainly you will actually keep a period to be very very small so if you keep it one day suppose even if you lose the key you will generate another certificate next day so only if at that period say you lost it in the afternoon so midnight anyway it will expire so 12 hours is your vulnerability period and in fact there has been a case once where a root certificate I think of in Holland was compromised and that was I think one of the biggest disasters which happened that was the only incidence which I am aware of where the root certificate was compromised by hackers and that is it if that can be done if you know the private key it is okay then you can be very nasty they can be the private key is there inside once the private keys lost it is gone if you are not remembering it you have not written on a sheet of paper it is gone best is you remember in your mind unless you lose your memory it will be there and nobody can read your mind till that time it is fine so CRL is one of the key components so in fact sometimes what happens if you lose internet connectivity you are using a certificate it will actually give you a warning if a browser has been configured properly that I am not able to verify CRL so certificate which you are using may not be correct especially if you are reading some document and that requires a certificate to be used to match the take care of the integrity of the document for integrity verification typically this problem comes when you take the Ethernet port out if it is not on the net it is always dependent on the network for doing CRL check now this is I think is the only problem and we do not know the solution of this so usually whenever you will buy a certificate you have to pay I think 2000 something rupees in India and any of us one of us can buy a certificate we have to submit our pen card copy identification document everything and then they will give you the certificate in fact if you are going to run a company it will be mandatory for you because your income tax returns you cannot file unless you have that certificate with you so it has not been made mandatory for the employees as of now but maybe in few years down the line it will be made so we have to also buy certificates okay so now this is a problem so everybody will not have certificate so how the Skype works now question is this there is to be some intelligent solution so you have at one end login in password other end you have certificates you can make some kind of a hybrid combination so what Skype does whenever you install Skype Skype has its own built-in root authority it is not very sign it has its own built-in authority it comes programmed and hopefully this will never be compromised if that gets compromised then of course it will be a big trouble for Microsoft as of now earlier it was Skype so the way it is done is whenever you will login for the first time you do not have a certificate installed certificate remains till you log out from the system once you log out one once you be technically exit actually and terminate or your session expires so you will actually do a login this will go to a server this is a hard-coded server again inside the Skype client in fact there is a list of servers which is maintained indexing servers you go there you do login password it is maintains a secure connection STTPS or connection most likely and login password is sent you are verified from the database whenever you will change a password it should actually communicate back to the server so once you do this login this will generate a certificate for you whose private key will be stored in your client certificate will be presented and this certificate will be self-signed here itself and it will also be signed by the private key of the Skype public key of Skype is already available to all clients so once it is done your certificate comes and gets installed here now when two Skype clients want to talk to each other they can authenticate very easily in fact every device every Skype client or a Skype super node or super peers we call it actually have a certificate so I also hack the code of Skype put everything and then I start running it and I feel that this Skype will contact me this Skype will contact me know if this will not happen they will not recognize me actually because I do not have a certificate installed which is signed by Skype's central server but the beautiful thing is if the server is down I am not on the internet I am on LAN I can still connect if somehow I can find out the other Skype peer I can authenticate with each other using certificates now this is also the genesis of Brespa the 4 design which is peer to peer serverless LMS system so similar structure also actually we have convert there was no other option for me I tried all kind of possibilities if they exist I figured out login passwords are not going to be possible if you large number of users all across the world maintaining a server and authenticating everybody at every time I need to maintain a large infrastructure in a peer to peer system and that will not be financially viable but this makes the things financially viable only thing is that I issue a very short thing so periodically depending on how many users are active and how fast I can how much load indexing server can take we ensure that time out or the expiry period of the certificate is updated and when certificate expires you have to login again and get a new certificate Skype actually does this once in a while Skype will log out and then say ask you to login again this behavior I have observed actually I do not know whether you have observed or not but this is the most likely reason for this thing so now when we will build up a system most likely this is what is the technology which we will be using so advantage users need not buy a security certificate from a certification agency I bypass certification agency all together it is like everybody knows the director here you need not go to the president of India and issues at it ID cards then we all recognize each other through those ID cards is a local authentication group authentication inside the system so I think now we understand that the servers how the servers can be authenticated and how the users can be authenticated authorization issue yes that is one more authorization in case of SIP systems usually done through SIPRASTRAR because it is usually the service provider which will permit you and you have to pay to him for those services first usually it will be all kind of services it is a peer to peer so whatever the two guys which agree on the kind of service which they want they can actually connect with that kind of service and of course now you should also think slightly bigger it is not only voice calls I can ask for a another peer it is actually technically SIP is creation of sessions between peers so I can ask for even for a virtual machine being provided by the other peer to me so I can give the compute jobs he does the computation returns back the result to me I can make multiple connections of multiple sessions and I ask virtual machines from lot of people so computing itself can be sold I can do transactions with other peer it is like it is a market place you go and you want to buy something a service so you can buy a service from the way you buy buy buy from websites you can buy directly now from the peer clients but for initial setup you require a SIP so the tomorrow's sorry on Saturday's lecture if time actually permits we will actually move and look into SIP setup mechanism so how the SIP actually goes we will look into the SIP header structure and the interpretation of SIP header.