[VoiceOps] [EXTERNAL] Identity Header Test Tool

dfrigen at wabash.net dfrigen at wabash.net
Tue Jul 5 13:04:52 EDT 2022



This may be helpful.




From: VoiceOps <voiceops-bounces at voiceops.org> On Behalf Of Dovid Bender
Sent: Tuesday, July 5, 2022 11:34 AM
To: Zilk, David <David.Zilk at cdk.com>
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] [EXTERNAL] Identity Header Test Tool


It seems that BandWidth is currently signing all calls from their customer where the DID is not with BandWidth as B.



On Tue, Jul 5, 2022 at 12:31 PM Zilk, David <David.Zilk at cdk.com <mailto:David.Zilk at cdk.com> > wrote:

I am getting results from a test to the Bandwidth number that are confusing. It appears that our Identity header is not making it through to them, however the call does have an Identity header, certified by Bandwith, with B attestation. This is odd as we don't have any direct business relationship with Bandwidth. How can they claim B attestation?

David Zilk
CDK Global/IP Networked Services

-----Original Message-----
From: VoiceOps <voiceops-bounces at voiceops.org <mailto:voiceops-bounces at voiceops.org> > On Behalf Of David Frankel
Sent: Sunday, July 3, 2022 8:05 AM
To: voiceops at voiceops.org <mailto:voiceops at voiceops.org> 
Subject: [EXTERNAL] [VoiceOps] Identity Header Test Tool

CAUTION: This email originated from outside of the CDK organization. Exercise caution when clicking links or opening attachments, especially from unknown senders.

Last week I was forwarded a note from this list regarding tools to test and debug SHAKEN Identity headers. That prompted us to stitch together some modules we already had in an attempt to help.

What we have is at http://identity.legalcallsonly.org. You can call one of the test numbers listed on that page, and if we receive your header, we'll read you a six-digit code. Disconnect and then plug the code into the box on the web form, and we'll show you details of that Identity header.

Perhaps most importantly, you'll be able to see if the header we received is the one you sent. In addition, we parse the header and try to tell you if it is correctly formatted and valid.

Currently we have a couple of geographic DIDs and three toll-free numbers (each using different underlying providers). So far we aren't having a lot of success getting the Identity headers on the TFNs; we're working to improve that.

Suggestions welcome. We hope the tool provokes more discussion about best practices regarding making the Authentication Framework as functional and useful as possible.

Happy 4th of July!

David Frankel
St. George, UT USA

VoiceOps mailing list
VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> 
VoiceOps mailing list
VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20220705/cb96a627/attachment.htm>

More information about the VoiceOps mailing list