On 03.12.2019 15:39, volga629 via Users wrote:
Thank you reply, so any bad actor can't use as example with self sign
certificates ? So digital signature must be produced from well known
authorized CA certificate key pair ?
Correct. The bad actor's self-signed X509 STIR/SHAKEN certificate can
be easily
distinguished from an officially recognized one (exactly like HTTPS certs).
Can you point on one of the well know CA authority which authorized
for SHAKEN/STIR.
volga629
The last known info I have is this [1] "call for certification
authorities", back in
July. I'm not sure whether the deadline is over, or if any CAs have
started popping up,
but from what I just searched, things haven't progressed much.
Regards,
[1]:
https://sites.atis.org/insights/sti-ga-call-for-certificate-authorities/
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
