[VoiceOps] STIR/SHAKEN Discussion: Will it help?

mgraves mstvp.com mgraves at mstvp.com
Thu Dec 19 13:08:18 EST 2019

My impression is that it will eventually allow for very efficient traceback, since the info will be carried in the call. It will effectively have a complete trace embedded.

What happens with that info is another matter entirely. We can presume that it will be used to good effect, but that may be optimistic. Traceback info is being generated now. Rarely does it result in anything tangible.

Michael Graves
mgraves at mstvp.com<mailto:mgraves at mstvp.com>
o: (713) 861-4005
c: (713) 201-1262
sip:mgraves at mjg.onsip.com

From: VoiceOps <voiceops-bounces at voiceops.org> On Behalf Of Glen Gerhard
Sent: Thursday, December 19, 2019 11:59 AM
To: voiceops at voiceops.org
Subject: Re: [VoiceOps] STIR/SHAKEN Discussion: Will it help?


the initial rollout of S/S does not include delegated certificates. It's being rushed so at least basic call blocking/tracing can be done by tier one carriers. It is usable in the limited design but doesn't cover all use cases. Using the public CA is still the work in progress from my understanding.

Delegated certs is a much more complex call flow and has potential holes in the vetting process of the call flow chain. It has to allow for a customer to pass the call through several App/CPAAS providers before hitting the telco operators so the number of companies that need to be properly vetted for ownership and right to use information is MUCH larger.

I think eventually it will be effective in cutting down the number of rogue callers and catching the ones that are egregious offenders.


On 12/18/2019 21:09, Peter Beckman wrote:
On Tue, 17 Dec 2019, Calvin Ellison wrote:

If you want to keep up to date on this, join the ATIS IP NNI and SIP Forum
mailing lists. You'll see frequent notifications as the policy and protocol
documents get updated.

On Tue, Dec 17, 2019 at 3:49 PM Peter Beckman <beckman at angryox.com><mailto:beckman at angryox.com> wrote:

  In my case, we use different termination carriers than our origination
  carriers in many situations. If we are authorized to use a DID for
  CallerID, but it is not from the termination carrier, how does the
  termination carrier know to set the attestation to full?

This one of the things being worked out. There are frameworks for
certificate delegation and TN authorization, but I can't speak to the

 Awesome to hear Calvin. I was under the impression that the STIR/SHAKEN
 standard had been ratified by the participating carriers and they were
 moving forward. I have not seen anything about cert delecation and TN
 authorization in the technical specs.

 Is STIR/SHAKEN not really completed and ready for deployment yet? The FCC
 and larger carriers seem to be moving forward with test implementations
 without of TN authorization and delegation.

Peter Beckman                                                  Internet Guy
beckman at angryox.com<mailto:beckman at angryox.com>                                 http://www.angryox.com/
VoiceOps mailing list
VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org>


Glen Gerhard

glen at cognexus.net<mailto:glen at cognexus.net>


Cognexus, LLC

7891 Avenida Kirjah

San Diego, CA 92037
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20191219/a0d66f0b/attachment-0001.htm>

More information about the VoiceOps mailing list