I’ve been playing with a friend’s iPhone to see how the activation process works (there are people who want an iPhone to use it as an iPod and WiFi device without having to enter into a 2-year AT&T contract).
The following pieces of information are used to activate an iPhone:
Unfortunately, the activation data is cryptographically signed. The following certificate (“Apple iPhone Activation”, issued by “Apple iPhone Certification Authority”) is used to verify the signature:
-----BEGIN CERTIFICATE----- MIIDZzCCAk+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADB5MQswCQYDVQQGEwJVUzET MBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv biBBdXRob3JpdHkxLTArBgNVBAMTJEFwcGxlIGlQaG9uZSBDZXJ0aWZpY2F0aW9u IEF1dGhvcml0eTAeFw0wNzA0MTYyMjU1MDJaFw0xNDA0MTYyMjU1MDJaMFsxCzAJ BgNVBAYTAlVTMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRUwEwYDVQQLEwxBcHBsZSBp UGhvbmUxIDAeBgNVBAMTF0FwcGxlIGlQaG9uZSBBY3RpdmF0aW9uMIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQDFAXzRImArmoiHfbS2oPcqAfbEv0d1jk7GbnX7 +4YUlyIfprzBVdlmz2JHYv1+04IzJtL7cL97UI7fk0i0OMY0al8a+JPQa4Ug611T bqEt+njAmAkge3HXWDBdAXD9MhkC7T/9o77zOQ1oli4cUdzlnYWfzmW0PduOxuve AeYY4wIDAQABo4GbMIGYMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBShoNL+t7Rz/psUaq/NPXNPH+/WlDAfBgNVHSMEGDAWgBTnNCouIt45 YGu0lM53g2EvMaB8NTA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vd3d3LmFwcGxl LmNvbS9hcHBsZWNhL2lwaG9uZS5jcmwwDQYJKoZIhvcNAQEFBQADggEBAF9qmrUN dA+FROYGP7pWcYTAK+pLyOf9zOaE7aeVI885V8Y/BKHhlwAo+zEkiOU3FbEPCS9V tS18ZBcwD/+d5ZQTMFknhcUJwdPqqjnm9LqTfH/x4pw8ONHRDzxHdp96gOV3A4+8 abkoASfcYqvIRypXnbur3bRRhTzAs4VILS6jTyFYymZeSewtBubmmigo1kCQiZGc 76c5feDAyHb2bzEqtvx3WprljtS46QT5CR6YelinZnio32jAzRYTxtS6r3JsvZDi J07+EHcmfGdpxwgO+7btW1pFar0ZjF9/jYKKnOYNyvCrwszhafbSYwzAG5EJoXFB 4d+piWHUDcPxtcc= -----END CERTIFICATE-----
How well is the cert protected? Read-only media?
So: what did you think of the phone?
Activate it with AT&T’s prepay service and cancel http://www.tuaw.com/2007/07/02/tada-the-6th-gen-contract-free-wifi-enabled-ipod/
The simplest solution so far seems to activate, and cancel within 30 days (avoiding the early termination fee).
More info here
The cert includes
X509v3 CRL Distribution Points:
URI:http://www.apple.com/appleca/iphone.crl
but
wget http://www.apple.com/appleca/iphone.crl
–2:13:29– http://www.apple.com/appleca/iphone.crl
=> `iphone.crl’
Resolving http://www.apple.com... 17.149.160.10
Connecting to http://www.apple.com|17.149.160.10|:80… connected.
HTTP request sent, awaiting response… 404 Not Found
2:13:29 ERROR 404: Not Found.
certificate valid is untill 17. april 2014 00:55:02 – which makes phone part useless after that time? when acually certificate is used, is it one time process or all the time … etc.
this makes me :-))