Oh. Well. Serves me right for not reading curling up with a copy of ATIS-1000074-E at bedtime.

On Nov 3, 2021, at 7:42 PM, David Villasmil david.villasmil.work@gmail.com wrote:

then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid.

Regards,

David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337

On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman bkaufman@nexvortex.com wrote: According to ATIS-1000074-E

“ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].”

From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3)

Implementations MUST drop any "+"s, internal dashes, parentheses,

or other non-numeric characters, except for the "#" or "*" keys

used in some special service numbers (typically, these will appear

only in the To header field value). This MUST result in an ASCII

string limited to "#", "*", and digits without whitespace or

visual separators.

In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header.

Ben Kaufman

From: sr-users sr-users-bounces@lists.kamailio.org On Behalf Of David Villasmil Sent: Wednesday, November 3, 2021 5:32 PM To: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org Subject: [SR-Users] STIR/SHAKEN, is a number format mandatory?

Hello guys,

I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there?

Regards,

David Villasmil

email: david.villasmil.work@gmail.com

phone: +34669448337

---

Kamailio - Users Mailing List - Non Commercial Discussions

• sr-users@lists.kamailio.org

Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

• https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

---

Kamailio - Users Mailing List - Non Commercial Discussions

• sr-users@lists.kamailio.org

Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

• https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Take a look at ATIS-1000082: https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pd... https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pdf 6.2 Datatype:origTelephoneNumber

Field

Type

Required?

Description

tn

String Allowed Characters : [0-9],*,#,+, and visual separators defined in RFC 3966: “.”, “-“, “(“, “)”.

Y

Telephone Number of Originating identity.

Server will remove all non-numeric characters if received except star (*) and pound (#) characters.

Ex.: (+1) 235-555-121212355551212

Do you really trust a 3rd party server to do your job? The attestation is done with the bare digits as in the example above: 12355551212 clear from all decorators including the preceding ‘+’.

If you look at any identity header with an attestation, the numbers are always as above, without decorators.

If you go to 8.1.3.2 Request Sample within the same document, all the JSON samples contain no decorators.

What you’re quoting from ATIS-1000074 are SIP headers. The current version is https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pd... https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pdf It explains the overall protocol. The implementation details are in ATIS-1000082

Regards

On Nov 3, 2021, at 10:48 PM, Ben Kaufman bkaufman@nexvortex.com wrote:

I don’t think so, because the examples in ATIS-1000074-E specifically show To: and From: headers with a leading plus:

To: <sip:+12155551213@tel.example1.net sip:+12155551213@tel.example1.net> From: "Alice"<sip:+12155551212@tel.example2.net sip:+12155551212@tel.example2.net>;tag=614bdb40

I think the necessity is only to logically match the values there.

Ben Kaufman

From: sr-users <sr-users-bounces@lists.kamailio.org mailto:sr-users-bounces@lists.kamailio.org> On Behalf Of David Villasmil Sent: Wednesday, November 3, 2021 6:43 PM To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org> Subject: Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?

then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid.

Regards,

David Villasmil email: david.villasmil.work@gmail.com mailto:david.villasmil.work@gmail.com phone: +34669448337

On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman <bkaufman@nexvortex.com mailto:bkaufman@nexvortex.com> wrote: According to ATIS-1000074-E

“ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].”

From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3 https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Frfc8224%23section-8.3&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cd6b68fedc3ef4e79b70608d99f23d17a%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715798478316964%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qUlBsvYwffz93SuoFouWLVvqP5DPaHT8XliTZ68HL64%3D&reserved=0)

Implementations MUST drop any "+"s, internal dashes, parentheses,

or other non-numeric characters, except for the "#" or "*" keys

used in some special service numbers (typically, these will appear

only in the To header field value). This MUST result in an ASCII

string limited to "#", "*", and digits without whitespace or

visual separators.

In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header.

Ben Kaufman

From: sr-users <sr-users-bounces@lists.kamailio.org mailto:sr-users-bounces@lists.kamailio.org> On Behalf Of David Villasmil Sent: Wednesday, November 3, 2021 5:32 PM To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org> Subject: [SR-Users] STIR/SHAKEN, is a number format mandatory?

Hello guys,

I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there?

Regards,

David Villasmil email: david.villasmil.work@gmail.com mailto:david.villasmil.work@gmail.com phone: +34669448337 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cd6b68fedc3ef4e79b70608d99f23d17a%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715798478326917%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=c2bwxsS2dkytyDXBShkiFnA2in1KgNc6cBWniba%2BK%2B8%3D&reserved=0__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

So then only numerical values are to be compared, I.e.; there could be any number of decorator on the header, as long as the number match.

On Thu, 4 Nov 2021 at 05:17, Ben Kaufman bkaufman@nexvortex.com wrote:

I was responding to David's statement of "it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid." This statement is incorrect, as evidenced by the ATIS docs.

The clearest example is in 1000082 8.2.1 which describes the validation process, and how the orig tn and dest tn from the passport are to be compared to the values from the SIP To: and From: headers:

Normalize to the canonical form the received in the “verificationRequest” “from” and “to” telephone numbers (remove visual separators and leading “+”) and compare them with ones extracted from the “orig” and “dest” claims of PASSporT payload.

---

*From:* sr-users sr-users-bounces@lists.kamailio.org on behalf of Emilio Panighetti emiliop@operalogic.com *Sent:* Wednesday, November 3, 2021, 10:42 PM

*To:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?

Take a look at ATIS-1000082: https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pd... https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccess.atis.org%2Fapps%2Fgroup_public%2Fdownload.php%2F45032%2FATIS-1000082.pdf&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579694899%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GNZDRAd2QeKpFZviYAiE%2Fc%2FOdYxH9FXq4GDjiRwiJBM%3D&reserved=0

6.2 Datatype:origTelephoneNumber

Field

Type

Required?

Description

tn

String Allowed Characters : [0-9],*,#,+, and visual separators defined in RFC 3966: “.”, “-“, “(“, “)”.

Y

Telephone Number of Originating identity.

Server will remove all non-numeric characters if received except star (*) and pound (#) characters.

Ex.: (+1) 235-555-121212355551212

Do you really trust a 3rd party server to do your job? The attestation is done with the bare digits as in the example above: 12355551212 clear from all decorators including the preceding ‘+’.

If you look at any identity header with an attestation, the numbers are always as above, without decorators.

If you go to 8.1.3.2 Request Sample within the same document, all the JSON samples contain no decorators.

What you’re quoting from ATIS-1000074 are SIP headers. The current version is https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.pd... https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccess.atis.org%2Fapps%2Fgroup_public%2Fdownload.php%2F45032%2FATIS-1000082.pdf&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579694899%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GNZDRAd2QeKpFZviYAiE%2Fc%2FOdYxH9FXq4GDjiRwiJBM%3D&reserved=0 It explains the overall protocol. The implementation details are in ATIS-1000082

Regards

On Nov 3, 2021, at 10:48 PM, Ben Kaufman bkaufman@nexvortex.com wrote:

I don’t think so, because the examples in ATIS-1000074-E specifically show To: and From: headers with a leading plus:

To: sip:+12155551213@tel.example1.net From: "Alice"sip:+12155551212@tel.example2.net;tag=614bdb40

I think the necessity is only to logically match the values there.

*Ben Kaufman*

*From:* sr-users sr-users-bounces@lists.kamailio.org *On Behalf Of *David Villasmil *Sent:* Wednesday, November 3, 2021 6:43 PM *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?

then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid.

Regards,

David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337

On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman bkaufman@nexvortex.com wrote:

According to ATIS-1000074-E

“ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].”

From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3 https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Frfc8224%23section-8.3&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579704848%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=2PBBKKVT%2BsPMlBts9dQuyjS9XNO%2FLqyhPmvDovVwVaI%3D&reserved=0 )

Implementations MUST drop any "+"s, internal dashes, parentheses,

or other non-numeric characters, except for the "#" or "*" keys

used in some special service numbers (typically, these will appear

only in the To header field value). This MUST result in an ASCII

string limited to "#", "*", and digits without whitespace or

visual separators.

In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header.

*Ben Kaufman*

*From:* sr-users sr-users-bounces@lists.kamailio.org *On Behalf Of *David Villasmil *Sent:* Wednesday, November 3, 2021 5:32 PM *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Subject:* [SR-Users] STIR/SHAKEN, is a number format mandatory?

Hello guys,

I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there?

Regards,

David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions

• sr-users@lists.kamailio.org

Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

• https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579704848%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=UHsICX%2Fp0rFh8havXV%2FXVSFPLDckS20bzmTWAkhIing%3D&reserved=0

---

Kamailio - Users Mailing List - Non Commercial Discussions

• sr-users@lists.kamailio.org

Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

• https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579714803%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=P%2FH3FCnhwujBsAXZVzsndjNNDvTgjskgyxxKjoOmmoM%3D&reserved=0

---

Kamailio - Users Mailing List - Non Commercial Discussions

• sr-users@lists.kamailio.org

Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

• https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users