[SR-Users] About STIR/SHAKEN - Caller Identity
miconda at gmail.com
Fri Aug 23 16:11:01 CEST 2019
thanks for giving further details. Just wanted to give the basic details
about these topics and Kamailio ... a C module can be contributed if
someone wants to do it, but other alternatives are already possible ...
On 23.08.19 07:50, Yuriy Gorlichenko wrote:
> Hello, Daniel.
> You disscussed it with Oleg Belousov at Kamailio World 2019. ( I added
> him in cc as he Just subscribed on list and did not saw this thread)
> I was a part of his team Who realized this.
> Yes, we've implemented STIR/SHAKEN platform for mobile operator, using
> Lua, which interrogates with php-fpm scripts via http/json queries.
> Apart from signing SIP requests and validation of identity headers we
> had to deploy additional business requirements,
> including integration with CVT (Call Validation Treatment) entity,
> special handling of certain SIP headers, blacklisting, etc. Above
> approach gave us bit more flexibility.
> We can deploy C module, if required, can share our expertize as well.
> On Fri, 16 Aug 2019, 16:38 Daniel-Constantin Mierla,
> <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
> at couple of events I participated during the past few months, I was
> asked about support of STIR/SHAKEN (caller identity
> authentication/verification), which is a hot topic these days at least
> in USA, aiming to combat "fraudulent" robo-calling. Therefore I
> of share some details with everyone in the community about the
> state in
> Kamailio, writing to both devs and users, the information being
> for everyone.
> We already have the (related) module named auth_identity, available
> since 2008 (iirc):
> But it implements the previous iteration of the specs for caller
> identity, respectively RFC 4474:
> - https://tools.ietf.org/html/rfc4474
> However, that RFC is obsoleted by 8224 (the latest core specs for
> - https://tools.ietf.org/html/rfc8224
> Then, there are also RFCs 8225 and 8226 to add to the core specs.
> Should anyone be interested to implement STIR/SHAKEN specs in a
> I would suggest to start from auth_identity -- might not be much
> work to
> update it to become conform with latest specs (a new module can be
> created, of course, even when starting from auth_identity).
> However, these specs are about signing the SIP request (the
> INVITE) with
> special PKI certificate. It can be done easily with embedded scripts
> such as Lua or Python (inline execution in native kamailio.cfg or
> kemi scripts). At Kamailio World 2019, one of the participants I
> discussed with told me they already implemented using Lua.
> That's it for a starting point, if anyone wants to discuss more, just
> reply to sr-users and add your comments or ask the questions.
> If someone wants to go ahead and work on a C module, announce yourself
> to avoid duplicate work of others, and use sr-dev if you need
> on module development.
> Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
> www.twitter.com/miconda <http://www.twitter.com/miconda> --
> www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the sr-users