I was responding to David's statement of "it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid." This statement is incorrect, as evidenced by the ATIS docs.
The clearest example is in 1000082 8.2.1 which describes the validation process, and how the orig tn and dest tn from the passport are to be compared to the values from the SIP To: and From: headers:
Normalize to the canonical form the received in the “verificationRequest” “from” and “to” telephone numbers (remove visual separators and leading “+”) and compare them with ones extracted from the “orig” and “dest” claims of PASSporT payload.
From: sr-users <sr-users-bounces@lists.kamailio.org> on behalf of Emilio Panighetti <emiliop@operalogic.com>
Sent: Wednesday, November 3, 2021, 10:42 PM__________________________________________________________
To: Kamailio (SER) - Users Mailing List
Subject: Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?
Take a look at ATIS-1000082: https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pdf6.2 Datatype:origTelephoneNumber
Field
Type
Required?
Description
tn
String
Allowed Characters : [0-9],*,#,+, and
visual separators defined in RFC 3966: “.”, “-“, “(“, “)”.Y
Telephone Number of Originating identity.
Server will remove all non-numeric characters if received except star (*) and pound (#) characters.
Ex.: (+1) 235-555-121212355551212
Do you really trust a 3rd party server to do your job?The attestation is done with the bare digits as in the example above: 12355551212 clear from all decorators including the preceding ‘+’.
If you look at any identity header with an attestation, the numbers are always as above, without decorators.
If you go to 8.1.3.2 Request Sample within the same document, all the JSON samples contain no decorators.
What you’re quoting from ATIS-1000074 are SIP headers.The current version is https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pdfIt explains the overall protocol. The implementation details are in ATIS-1000082
Regards
On Nov 3, 2021, at 10:48 PM, Ben Kaufman <bkaufman@nexvortex.com> wrote:
__________________________________________________________I don’t think so, because the examples in ATIS-1000074-E specifically show To: and From: headers with a leading plus:From: "Alice"<sip:+12155551212@tel.example2.net>;tag=614bdb40I think the necessity is only to logically match the values there.
Sent: Wednesday, November 3, 2021 6:43 PM
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Subject: Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid.On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman <bkaufman@nexvortex.com> wrote:According to ATIS-1000074-E
“ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].”
>From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3)
Implementations MUST drop any "+"s, internal dashes, parentheses,
or other non-numeric characters, except for the "#" or "*" keys
used in some special service numbers (typically, these will appear
only in the To header field value). This MUST result in an ASCII
string limited to "#", "*", and digits without whitespace or
visual separators.
In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header.
Sent: Wednesday, November 3, 2021 5:32 PM
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Subject: [SR-Users] STIR/SHAKEN, is a number format mandatory?Hello guys,I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there?
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
* sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio - Users Mailing List - Non Commercial Discussions
* sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio - Users Mailing List - Non Commercial Discussions
* sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users