AT&T is now using STIR/SHAKEN (incorrectly James Bonded as SHAKEN/STIR in
the article) to identify calls with Full Attestation as "Verified" on
select Android phones.
https://www.engadget.com/2019/12/18/att-call-validation-displays/
Thankfully they note, as this discussion was intended to highlight, "This
doesn't guaranteed that someone calling from a real number is above-board,
either. It could still be a robocaller, a scammer or a telemarketer."
I'm concerned that smaller carriers are going to be hurt by STIR/SHAKEN
being implemented by large carriers who own both their numbers and the end
users, whereas smaller carriers need to get numbers and termination from
different carriers to achieve competitive rates.
Beckman
On Thu, 19 Dec 2019, mgraves mstvp.com wrote:
My impression is that it will eventually allow for very efficient traceback,
since the info will be carried in the call. It will effectively have a complete
trace embedded.
What happens with that info is another matter entirely. We can presume that it
will be used to good effect, but that may be optimistic. Traceback info is
being generated now. Rarely does it result in anything tangible.
Michael Graves
[email protected]<mailto:[email protected]>
o: (713) 861-4005
c: (713) 201-1262
sip:[email protected]
From: VoiceOps <[email protected]> On Behalf Of Glen Gerhard
Sent: Thursday, December 19, 2019 11:59 AM
To: [email protected]
Subject: Re: [VoiceOps] STIR/SHAKEN Discussion: Will it help?
Peter,
the initial rollout of S/S does not include delegated certificates. It's being
rushed so at least basic call blocking/tracing can be done by tier one
carriers. It is usable in the limited design but doesn't cover all use cases.
Using the public CA is still the work in progress from my understanding.
Delegated certs is a much more complex call flow and has potential holes in the
vetting process of the call flow chain. It has to allow for a customer to pass
the call through several App/CPAAS providers before hitting the telco operators
so the number of companies that need to be properly vetted for ownership and
right to use information is MUCH larger.
I think eventually it will be effective in cutting down the number of rogue
callers and catching the ones that are egregious offenders.
~Glen
On 12/18/2019 21:09, Peter Beckman wrote:
On Tue, 17 Dec 2019, Calvin Ellison wrote:
If you want to keep up to date on this, join the ATIS IP NNI and SIP Forum
mailing lists. You'll see frequent notifications as the policy and protocol
documents get updated.
On Tue, Dec 17, 2019 at 3:49 PM Peter Beckman
<[email protected]><mailto:[email protected]> wrote:
In my case, we use different termination carriers than our origination
carriers in many situations. If we are authorized to use a DID for
CallerID, but it is not from the termination carrier, how does the
termination carrier know to set the attestation to full?
This one of the things being worked out. There are frameworks for
certificate delegation and TN authorization, but I can't speak to the
details.
Awesome to hear Calvin. I was under the impression that the STIR/SHAKEN
standard had been ratified by the participating carriers and they were
moving forward. I have not seen anything about cert delecation and TN
authorization in the technical specs.
Is STIR/SHAKEN not really completed and ready for deployment yet? The FCC
and larger carriers seem to be moving forward with test implementations
without of TN authorization and delegation.
Beckman
---------------------------------------------------------------------------
Peter Beckman Internet Guy
[email protected]<mailto:[email protected]>
http://www.angryox.com/
---------------------------------------------------------------------------
_______________________________________________
VoiceOps mailing list
[email protected]<mailto:[email protected]>
https://puck.nether.net/mailman/listinfo/voiceops
--
Glen Gerhard
[email protected]<mailto:[email protected]>
858.324.4536
Cognexus, LLC
7891 Avenida Kirjah
San Diego, CA 92037
---------------------------------------------------------------------------
Peter Beckman Internet Guy
[email protected] http://www.angryox.com/
---------------------------------------------------------------------------
_______________________________________________
VoiceOps mailing list
[email protected]
https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________
VoiceOps mailing list
[email protected]
https://puck.nether.net/mailman/listinfo/voiceops
