====================================================================
Open OSP Server README
====================================================================

Open OSP Server
Release 2.0.0
April 16, 2001

====================================================================
LICENSE AND COPYRIGHT
====================================================================

The Vovida Software License, Version 1.0
Copyright (c) 2000 Vovida Networks, Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in
   the documentation and/or other materials provided with the
   distribution.

3. The names "OpenOSP", "OpenOSP server" and "Cisco" must not be used
   to endorse or promote products derived from this software without
   prior written permission. For written permission, please contact
   openosp@vovida.org.

4. Products derived from this software may not be called "CISCO" or
   "OpenOSP", nor may "CISCO" or "OpenOSP" appear in their name,
   without prior written permission.

THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA NETWORKS, INC.
OR ITS CONTRIBUTORS BE LIABLE FOR ANY DAMAGES IN EXCESS OF $1,000, NOR
FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

====================================================================
INTRODUCTION
====================================================================

OpenOSP is an open source implementation of a server for the Open
Settlement Protocol (OSP). It was developed jointly by Cisco Systems,
Inc. and Data Connection Limited.

The OpenOSP stack is intended for use both by OEMs with existing OSS
solutions, and by new entrants for whom it provides a large
proportion of the componentry needed to develop a standalone OSP
server.

For OEMs needing to integrate OSP capabilities into an existing OSS
solution, the stack provides APIs to make this integration easy and
to maintain existing value-add features.

For new entrants, the stack ships with sample implementations of
OpenOSP application functions (usage metering, authorization and
routing, authentication, security, etc). Together with some other
open source components, with which the stack has been extensively
tested, these provide all the components required to build and deploy
an OSP server.

KEY FEATURES

OpenOSP is a full implementation of an OSP server, based on version
2.1.0 of the OSP protocol as defined in ETSI document TS 101 321
v2.1.0 (2000-05), and including backward compatibility with clients
implemented to v1.4.2 of the OSP specification. It supports the
following functions.

- All the OSP transactions, including
    - capabilities
    - call authorization
    - subscriber authentication
    - pricing update
    - usage metering (including the enhanced usage reports defined
      in Annex C of the OSP Specification)

- A rich set of security capabilities, including
    - SSL v3 and TLS v1 with support for the following ciphersuites:
        * SSL_RSA_WITH_3DES_EDE_CBC_SHA
        * SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
        * SSL_RSA_WITH_NULL_SHA
        * SSL_RSA_WITH_DES_CBC_SHA
        * SSL_DH_RSA_WITH_DES_CBC_SHA
        * SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
        * SSL_RSA_WITH_NULL_MD5
        * SSL_RSA_WITH_NULL_SHA
    - S/MIME signatures with support for the SHA-1, DSA, MD5 and RSA
      algorithms
    - XML authorization tokens with support for PKCS-7 signatures

- The SCEP protocol used by Cisco routers for PKI operations, using
  direct client LDAP access for certificate query and CRL access.

IMPLEMENTATION

The OpenOSP server protocol stack is a fully functional, secure,
highly scalable C implementation of OSP. It is written in C for UNIX
platforms with POSIX threads, with the development and testing being
done on Sparc Solaris. As far as is possible the code does not use
any platform-specific functions, and is engineered to be easily
portable to other UNIX variants.

The OpenOSP distribution is designed to be suitable both for
integration with existing OSS software, and as a base for rapid
development of a standalone OSP server product. The distribution is
composed of

- a core OSP server protocol stack using defined APIs to interface to
  the other components required for a full OSP server solution

- sample implementations of the other components, suitable for
  deploying a standalone OSP server. [Note that these components are
  developed, tested, and supported to the same standard as the core
  OSP server code.]

- a core SCEP server protocol stack, plus additional utility
  programs, to provide base certificate authority (CA) operation, so
  that an OEM's initial development project can proceed without the
  need for a separate CA.

For OEMs needing to integrate OSP capabilities into an existing OSS
solution, the APIs are designed to make this integration easy and to
maintain existing value-add features.

For new entrants, the stack ships with sample implementations of
OpenOSP application functions (usage metering, authorization and
routing, authentication, security, etc). Together with some other
open source components, with which the stack has been extensively
tested, these provide all the components required to build and deploy
an OSP server.

====================================================================
NEW FEATURES AND FUNCTIONS IN THIS RELEASE
====================================================================

V2.0 is the final release of Open Osp Server. No future release is
planned at this time.

V2.0 completes the full implementation of the final OSP V2.1.0
specification as follows:

- All OSP messages: AuthorizationRequest, AuthorizationIndication,
  AuthorizationResponse, AuthorizationConfirmation,
  ReauthorizationRequest, ReauthorizationResponse, PricingIndication,
  PricingConfirmation, UsageIndication, UsageConfirmation,
  SubscriberAuthenticationRequest, SubscriberAuthenticationResponse,
  CapabilitiesIndication, CapabilitiesConfirmation
- Token signing with all supported algorithms
- SSL/TLS security with all supported ciphers
- S/MIME security with all supported algorithms
- Full multi-threaded operation including testing on symmetric
  multi-processor systems.

====================================================================
BUG FIXES
====================================================================

No known bugs at this time. Please report all bugs to the OpenOSP
mailing list at openosp@vovida.org. Please be aware that bug fixes
will NOT be supported.

====================================================================
KNOWN LIMITATIONS
====================================================================

The sample application distributed with the OSP stack contains sample
implementations of application functions such as usage metering,
authorization and routing, authentication, security, etc. It needs to
be modified or replaced to address a given OEM's (or any interested
user's) requirements.

====================================================================
GETTING STARTED
====================================================================

Open OSP server is a standalone server designed to facilitate rapid
integration with existing OSS solutions. For more information on
building and using the Open Osp Server, please refer to the various
Open OSP documents on the Open OSP download page at
http://www.vovida.org.

SOFTWARE DEPENDENCIES
--------------------------------------------------------------------

Open OSP server runs on the Solaris operating system. In addition to
the source code in the openosp directory, Open Osp server requires
the following open source software distributions in order to build
and run:

- OpenSSL (http://www.openssl.org/), a toolkit implementing the
  Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
  (TLS v1) protocols and a general purpose cryptography library

- Expat (http://www.jclark.com/xml/expat.html), a library used to
  parse the XML portion of the OSP messages

- OpenLDAP (http://www.openldap.org/), a library used by the sample
  authorization and subscriber authentication components to access an
  LDAP directory.

Please refer to the respective web sites for licensing information
with respect to the above open source distributions.

HARDWARE REQUIREMENTS
--------------------------------------------------------------------

Performance data indicates that the CPU cost and the storage
requirement of the Open OSP stack unburdened by an application are
very small.
As an example, with a Sun Ultra60 with two 450 MHz processors, the
Open OSP stack can process approximately 800 calls per second.

The hardware requirements - CPU and RAM - for a given application
rest primarily on

- the required system scaling (number of concurrent client
  connections, client transaction rates),
- the storage and CPU requirements of the application above the
  stack.

The key point to make is that the requirements of the application
will typically dwarf those of the stack, and so the overall
requirement is essentially that of the application.

For more information on the performance of the Open OSP stack, please
refer to the Open Osp test results and scalability document on the
Open OSP download page at http://www.vovida.org/.

PLATFORM SUPPORTED
--------------------------------------------------------------------

Open OSP server code has been tested primarily on Solaris 7. A
limited amount of testing was also done on Solaris 8.

The intention in producing the code was to avoid potential
portability issues. It is expected that porting Open OSP code to
other Unix and Linux platforms would require relatively little
effort.

INSTALLATION INSTRUCTIONS
--------------------------------------------------------------------

For installation instructions, please refer to the OpenOsp
installation and Configuration Guide on the Open OSP download page at
http://www.vovida.org.

COMPILE INSTRUCTIONS
--------------------------------------------------------------------

Open OSP server code has been compiled with the following two
compilers

- Sun Workshop C5.0
- Gnu gcc 2.95.2

The makefiles make little use of compiler options, so most C
compilers should be fine.

For detailed compilation instructions, please refer to the OpenOsp
installation and Configuration Guide on the Open OSP page at
http://www.vovida.org.

USING THE SOFTWARE
--------------------------------------------------------------------

For instructions on configuring and running the OpenOsp server,
please refer to the OpenOsp installation and Configuration Guide on
the Open OSP download page at http://www.vovida.org.

TESTING THE SOFTWARE
--------------------------------------------------------------------

The OpenOsp stack is distributed with sample application code suited
for deployment as a standalone server. Please refer to the OpenOsp
installation and Configuration Guide and OEM customization document
on the Open OSP download page at http://www.vovida.org for more
information.

====================================================================
SOURCE CODE INFORMATION
====================================================================

Please refer to the Summary of OpenOSP Interface document on the Open
OSP download page at http://www.vovida.org for a short summary of
Open OSP APIs. For more detailed information, please refer to the
Open OSP API documents at the same location.

====================================================================
DIRECTORY STRUCTURE
====================================================================

Starting from the root of the OpenOSP code (see the Installation and
Configuration manual for where to put the expat, OpenSSL and OpenLDAP
code), you have the following subdirectories.

crtool   - Certificate revocation tool.
patch    - Patch to OpenSSL. Should eventually make it into an
           OpenSSL distribution.
samplapp - Sample application code.
samples  - Sample config files for OpenOSP and OpenLDAP.
stack    - The OSP server protocol stack.
test     - Contains a script to generate a CA certificate.
trace    - Diagnostics code.

When the code is built, each source directory gets two
subdirectories - rel and dbg, containing release and debug builds of
the code respectively.

====================================================================
CONTRIBUTORS
====================================================================

This software was developed by Data Connection Limited and released
open source by Cisco Systems, Inc.

====================================================================
CONTACT INFORMATION AND WEBSITE
====================================================================

We welcome your feedback, suggestions and contributions. Contact us
via email if you have questions, feedback, code submissions, or bug
reports.

For general inquiries - info@vovida.org

We have mailing lists for OpenOSP:

OpenOSP - openosp@vovida.org

You can subscribe to the mailing lists on www.vovida.org.

====================================================================