Hello, thanks for giving further details. Just wanted to give the basic details about these topics and Kamailio ... a C module can be contributed if someone wants to do it, but other alternatives are already possible ...
Cheers, Daniel On 23.08.19 07:50, Yuriy Gorlichenko wrote: > Hello, Daniel. > You disscussed it with Oleg Belousov at Kamailio World 2019. ( I added > him in cc as he Just subscribed on list and did not saw this thread) > > I was a part of his team Who realized this. > Yes, we've implemented STIR/SHAKEN platform for mobile operator, using > Lua, which interrogates with php-fpm scripts via http/json queries. > Apart from signing SIP requests and validation of identity headers we > had to deploy additional business requirements, > including integration with CVT (Call Validation Treatment) entity, > special handling of certain SIP headers, blacklisting, etc. Above > approach gave us bit more flexibility. > > We can deploy C module, if required, can share our expertize as well. > > On Fri, 16 Aug 2019, 16:38 Daniel-Constantin Mierla, > <[email protected] <mailto:[email protected]>> wrote: > > Hello, > > at couple of events I participated during the past few months, I was > asked about support of STIR/SHAKEN (caller identity > authentication/verification), which is a hot topic these days at least > in USA, aiming to combat "fraudulent" robo-calling. Therefore I > thought > of share some details with everyone in the community about the > state in > Kamailio, writing to both devs and users, the information being > relevant > for everyone. > > We already have the (related) module named auth_identity, available > since 2008 (iirc): > > - > https://www.kamailio.org/docs/modules/stable/modules/auth_identity.html > > But it implements the previous iteration of the specs for caller > identity, respectively RFC 4474: > > - https://tools.ietf.org/html/rfc4474 > > However, that RFC is obsoleted by 8224 (the latest core specs for > STIR/SHAKEN): > > - https://tools.ietf.org/html/rfc8224 > > Then, there are also RFCs 8225 and 8226 to add to the core specs. > > Should anyone be interested to implement STIR/SHAKEN specs in a > modules, > I would suggest to start from auth_identity -- might not be much > work to > update it to become conform with latest specs (a new module can be > created, of course, even when starting from auth_identity). > > However, these specs are about signing the SIP request (the > INVITE) with > special PKI certificate. It can be done easily with embedded scripts > such as Lua or Python (inline execution in native kamailio.cfg or > using > kemi scripts). At Kamailio World 2019, one of the participants I > discussed with told me they already implemented using Lua. > > That's it for a starting point, if anyone wants to discuss more, just > reply to sr-users and add your comments or ask the questions. > > If someone wants to go ahead and work on a C module, announce yourself > to avoid duplicate work of others, and use sr-dev if you need > assistance > on module development. > > Cheers, > Daniel > > -- > Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> > www.twitter.com/miconda <http://www.twitter.com/miconda> -- > www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> > > > _______________________________________________ > Kamailio (SER) - Users Mailing List > [email protected] <mailto:[email protected]> > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda
_______________________________________________ Kamailio (SER) - Development Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
