On Nov 3, 2021, at 7:42 PM, David Villasmil <david.villasmil.work(a)gmail.com> wrote: then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid. Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337 On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman <bkaufman(a)nexvortex.com> wrote: According to ATIS-1000074-E “ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].” From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3) Implementations MUST drop any "+"s, internal dashes, parentheses, or other non-numeric characters, except for the "#" or "*" keys used in some special service numbers (typically, these will appear only in the To header field value). This MUST result in an ASCII string limited to "#", "*", and digits without whitespace or visual separators. In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header. Ben Kaufman From: sr-users <sr-users-bounces(a)lists.kamailio.org> On Behalf Of David Villasmil Sent: Wednesday, November 3, 2021 5:32 PM To: Kamailio (SER) - Users Mailing List <sr-users(a)lists.kamailio.org> Subject: [SR-Users] STIR/SHAKEN, is a number format mandatory? Hello guys, I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there? Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

I was responding to David's statement of "it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid." This statement is incorrect, as evidenced by the ATIS docs. The clearest example is in 1000082 8.2.1 which describes the validation process, and how the orig tn and dest tn from the passport are to be compared to the values from the SIP To: and From: headers: Normalize to the canonical form the received in the “verificationRequest” “from” and “to” telephone numbers (remove visual separators and leading “+”) and compare them with ones extracted from the “orig” and “dest” claims of PASSporT payload. ------------------------------ *From:* sr-users &lt;sr-users-bounces(a)lists.kamailio.org&gt; on behalf of Emilio Panighetti &lt;emiliop(a)operalogic.com&gt; *Sent:* Wednesday, November 3, 2021, 10:42 PM *To:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory? Take a look at ATIS-1000082: https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.p… <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccess.atis.org%2Fapps%2Fgroup_public%2Fdownload.php%2F45032%2FATIS-1000082.pdf&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579694899%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GNZDRAd2QeKpFZviYAiE%2Fc%2FOdYxH9FXq4GDjiRwiJBM%3D&reserved=0> 6.2 Datatype:origTelephoneNumber Field Type Required? Description tn String Allowed Characters : [0-9],*,#,+, and visual separators defined in RFC 3966: “.”, “-“, “(“, “)”. Y Telephone Number of Originating identity. Server will remove all non-numeric characters if received except star (*) and pound (#) characters. Ex.: (+1) 235-555-121212355551212 Do you really trust a 3rd party server to do your job? The attestation is done with the bare digits as in the example above: 12355551212 clear from all decorators including the preceding ‘+’. If you look at any identity header with an attestation, the numbers are always as above, without decorators. If you go to 8.1.3.2 Request Sample within the same document, all the JSON samples contain no decorators. What you’re quoting from ATIS-1000074 are SIP headers. The current version is https://access.atis.org/apps/group_public/download.php/45032/ATIS-1000082.p… <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccess.atis.org%2Fapps%2Fgroup_public%2Fdownload.php%2F45032%2FATIS-1000082.pdf&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579694899%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GNZDRAd2QeKpFZviYAiE%2Fc%2FOdYxH9FXq4GDjiRwiJBM%3D&reserved=0> It explains the overall protocol. The implementation details are in ATIS-1000082 Regards On Nov 3, 2021, at 10:48 PM, Ben Kaufman &lt;bkaufman(a)nexvortex.com&gt; wrote: I don’t think so, because the examples in ATIS-1000074-E specifically show To: and From: headers with a leading plus: To: <sip:+12155551213@tel.example1.net> From: "Alice"<sip:+12155551212@tel.example2.net>;tag=614bdb40 I think the necessity is only to logically match the values there. *Ben Kaufman* *From:* sr-users &lt;sr-users-bounces(a)lists.kamailio.org&gt; *On Behalf Of *David Villasmil *Sent:* Wednesday, November 3, 2021 6:43 PM *To:* Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt; *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory? then it effectively mean you MUST remove it from the headers, since the TNs in the payload must match the TNs in the headers for the identity to be valid. Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337 On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman &lt;bkaufman(a)nexvortex.com&gt; wrote: According to ATIS-1000074-E “ the term "valid telephone number" refers to a telephone number that is a nationally specific service number (e.g., 611, 911), or a telephone number that can be converted into a globally routable E.164 number, as specified in section 8.3 of [RFC 8224].” From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3 <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Frfc8224%23section-8.3&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579704848%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=2PBBKKVT%2BsPMlBts9dQuyjS9XNO%2FLqyhPmvDovVwVaI%3D&reserved=0> ) Implementations MUST drop any "+"s, internal dashes, parentheses, or other non-numeric characters, except for the "#" or "*" keys used in some special service numbers (typically, these will appear only in the To header field value). This MUST result in an ASCII string limited to "#", "*", and digits without whitespace or visual separators. In looking at the examples in ATIS-1000074-E, this doesn’t mean that the + should be removed from the other SIP headers (To:, From:, etc), but apparently it shouldn’t be in the jwt of the Identity header. *Ben Kaufman* *From:* sr-users &lt;sr-users-bounces(a)lists.kamailio.org&gt; *On Behalf Of *David Villasmil *Sent:* Wednesday, November 3, 2021 5:32 PM *To:* Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt; *Subject:* [SR-Users] STIR/SHAKEN, is a number format mandatory? Hello guys, I'm getting failed by my provider because I'm sending to them with +1 both on the headers and on the payload. My understanding is there is no mandatory format, or is there? Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579704848%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=UHsICX%2Fp0rFh8havXV%2FXVSFPLDckS20bzmTWAkhIing%3D&reserved=0> __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7C701db8cbb12a4668941a08d99f452320%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637715941579714803%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=P%2FH3FCnhwujBsAXZVzsndjNNDvTgjskgyxxKjoOmmoM%3D&reserved=0> __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users