2.5 Processing Flow of Configuration File DownloadSequence
The device downloads the configuration file in the following specified order.
CFG_STANDARD_FILE_PATH ® CFG_PRODUCT_FILE_PATH ® CFG_MASTER_FILE_PATH
<PANASIPPhoneConfig>
<Initial>
<CfgFiles>
<CFG_STANDARD_FILE_PATH>http://prov.com/Config{MAC}.cfg</CFG_STANDARD_FILE_PATH>
<CFG_PRODUCT_FILE_PATH>http:/prov.com/Config{MODEL}.cfg</CFG_PRODUCT_FILE_PATH
<CFG_MASTER_FILE_PATH>http://prov.com/ConfigCom.cfg</CFG_MASTER_FILE_PATH>
</CfgFiles>
</CfgFiles>
</Initial>
</PANASIPPhoneConfig>
Since the files are processed according to the downloading order, any parameter which appears in
CFG_PRODUCT_FILE_PATH will not override the same parameter in CFG_STANDARD_FILE_PATH. Similarly,
any parameter in CFG_MASTER_FILE_PATH will not override the same parameter in
CFG_PRODUCT_FILE_PATH.
Note
If the device is unsuccessful in reaching the provisioning server or if an invalid configuration file format
is detected, the device will use the local saved configuration (i.e., the previously downloaded
configuration) in order to provide the most reliable service possible to the end-user.
2.6 Secure Provisioning

2.6.1 Using Encryption When Transferring Configuration Files

This method involves transferring the configuration files in a encrypted format, where a symmetric key is used
to encrypt and decrypt the file.

Provisioning Server Requirements

In order to use this method, the server must be designed to comply with the following process in regards to
how the server gives the device its key and how the key is changed.
1. The server must be capable of generating a unique 32-byte key for each device. This key is used to encrypt
the configuration files.
2. Prior to the device's first download of its MAC-specific configuration file (known as the standard
configuration file), the server must generate a plain text MAC-specific configuration file for the device. This
is where the key is placed and how the device gets its key.
3. After the device's first download, the server must delete the plain text MAC-specific configuration file, and
generate an encrypted version for the device configuration files using the key. The server encrypts the file
using OpenSSL and the device's key.
At this point, when the phone downloads the device configuration files, it will decrypt the files using the
previously obtained key.
4. If the device ever needs a new key, there must be a method for an administrator to access the server and
generate a new key for the device. This will force the server to delete the existing encrypted configuration
files of the device and generate a new key as well as a new plain text MAC-specific configuration file. Once
Document Version 2014-05 Administrator Guide 47
2.6.1 Using Encryption When Transferring Configuration Files