Glen, What are we to do for our clients who have DID/TFN from 3rd paries? We won't have any relationship with their DID provider to request a delegated certificate, and wouldn't have one of our own to sign those calls, even as Attestation level B or C. Does the client need to request a delegated cert and provide it to each termination carrier they want to use?
I had a call with Bandwidth today was told the delegated certificates would need to contain (or refer via URL) a list of which numbers are permitted to be signed by that cert. I hope they've considered the potential information leak here and use hashes of the permitted numbers, not the numbers in cleartext. For what it's worth, I received confirmation from NECA that an IPES OCN can be issued without an FCC waiver. This would at least let us sign with level B or C. Query to NECA and their reply: Assuming I will need an OCN, I have been told that VoIP carriers that are not certified by the FCC as Interconnected VoIP carriers cannot be assigned an OCN. This doesn't jive with the lingo on your website: IPES service: Proof of service and customers, e.g., interconnection agreement (or evidence of an interconnection order pursuant to an approved tariff) and contractual agreements with end-user customers. Or, regulatory administration approval, if applicable. We definitely have contracted customers and definitely have interconnections with DID/TFN origination carriers and termination carriers. If we have no intention to obtain numbering resources directly, can we still obtain an OCN? *Yes, you can still obtain an OCN.* Regards, *Calvin Ellison* Senior Voice Operations Engineer [email protected] +1 (213) 285-0555 ----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] On Tue, Aug 20, 2019 at 9:17 AM Glen Gerhard <[email protected]> wrote: > Yes, I believe that is the case today. In the new "delegated certificate" > model the VoIP provider (or CPaaS provider) will be provided a certificate > from the OCN that is used for the ANI. This delegated certificate will give > the downstream carriers A level Attestation for the calls regardless of > where the outbound calls are originated. > > Ultimately it is the originating Enterprise that needs to be traceable > from the terminating carrier. Once this relationship chain has been vetted > the certificates can be delegated and used at call set up time. NetNumber > has a service for brokering the Certificates but the spec is not fully > adopted to my knowledge. > > Another proposal at ATIS is to have the sending CNAM (and expanded eCNAM) > validated with a similar vetted relationship and certificate chain. > Ultimately this may be more useful for both the Enterprise and the Callee > than just the ANI. > > ~Glen > > > On 8/16/2019 11:40, Mary Lou Carey wrote: > > So it sounds to me like you just have to be a certified carrier to get a > STIR/SHAKEN certificate. That means either a CLEC, Wireless, or > Interconnected VOIP Carrier. The VOIP carriers that are not certified by > the FCC as Interconnected VOIP carriers cannot be assigned an OCN. > > MARY LOU CAREY > BackUP Telecom Consulting > Office: 615-791-9969 > Cell: 615-796-1111 > > On 2019-08-16 01:32 PM, Calvin Ellison wrote: > > As explained to me by TransNexus, the Certificate Authorities will > most likely require an OCN. VoIP carriers with their own numbering > resources already have their IPES category OCN. It's also possible > they might only require a SPID. > > Regards, > > CALVIN ELLISON > Senior Voice Operations Engineer > [email protected] > +1 (213) 285-0555 > > ----------------------------------------------- > VOXOX.COM [1] > 5825 Oberlin Drive, Suite 5 > San Diego, CA 92121 > > On Fri, Aug 16, 2019 at 8:02 AM Dovid Bender <[email protected]> > <[email protected]> > wrote: > > Alex, > > You would think so. From what I understand you will need to be a LEC > to get a cert. > > On Fri, Aug 16, 2019 at 10:33 AM Alex Balashov > <[email protected]> <[email protected]> wrote: > > If non-LEC VoIP providers can direct own numbering resources now, > it follows that they should be able to partake of STIR/SHAKEN. > > — > Sent from mobile, with due apologies for brevity and errors. > > On Aug 16, 2019, at 9:16 AM, Dovid Bender <[email protected]> > <[email protected]> > > wrote: > > > As I understand it if one wants to get a cert for STIR shaken > > you need to become a CLEC. Anyone have a how to/contacts for > companies that make this effortless and easy? > > > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops > > > > Links: > ------ > [1] http://www.voxox.com/ > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops > > > -- > Glen [email protected] > 858.324.4536 > > Cognexus, LLC > 7891 Avenida Kirjah > San Diego, CA 92037 > > _______________________________________________ > VoiceOps mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/voiceops >
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
