Difference between revisions of "STIR/SHAKEN"

From IPitomy Wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
Disclaimer: The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information.  This website contains links to other third-party websites.  Such links are only for the convenience of the reader, user or browser; the ABA and its members do not recommend or endorse the contents of the third-party sites.
+
== Please visit The Federal Communications Commission's [https://www.fcc.gov/call-authentication STIR/SHAKEN] website for additional information, documents and resources==
  
Readers of this website should contact their attorney to obtain advice with respect to any particular legal matter.  No reader, user, or browser of this site should act or refrain from acting on the basis of information on this site without first seeking legal advice from counsel in the relevant jurisdiction.  Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.  Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client relationship between the reader, user, or browser and website authors, contributors, contributing law firms, or committee members and their respective employers.
+
== '''Intro''' ==
  
The views expressed at, or through, this site are those of the individual authors writing in their individual capacities only – not those of their respective employers, the ABA, or committee/task force as a whole.  All liability with respect to actions taken or not taken based on the contents of this site are hereby expressly disclaimed.  The content on this posting is provided "as is;" no representations are made that the content is error-free.
+
==== Background ====
 +
STIR/SHAKEN, or SHAKEN/STIR, is a suite of protocols and procedures intended to combat caller ID spoofing on public telephone networks. Caller ID spoofing is used by robocallers to mask their identity or to make it appear the call is from a legitimate source, often a nearby phone number with the same area code and exchange, or from well-known agencies like the Internal Revenue Service or Ontario Provincial Police. This sort of spoofing is common for calls originating from voice-over-IP (VoIP) systems, which can be located anywhere in the world.
  
Please visit The Federal Communications Commission's [https://www.fcc.gov/call-authentication STIR/SHAKEN] website for additional information, documents and resources
+
STIR, short for Secure Telephony Identity Revisited, has been defined as a series of RFC standards documents by a Working Group of the Internet Engineering Task Force. It works by adding a digital certificate to the Session Initiation Protocol information used to initiate and route calls in VoIP systems. The first public connection on the system, typically the VoIP service provider, examines the caller ID and compares it to a known list of IDs they provide to that customer. The provider then attaches an encrypted certificate to the SIP header with the service provider's identity and a trust value. VoIP software on the receiving end can check the authenticity of the message by decrypting STIR using the provider's public key.
 +
 
 +
The FCC is requiring use and compliance of these protocols by June 30, 2021.

Latest revision as of 18:17, 10 June 2021

Please visit The Federal Communications Commission's STIR/SHAKEN website for additional information, documents and resources

Intro

Background

STIR/SHAKEN, or SHAKEN/STIR, is a suite of protocols and procedures intended to combat caller ID spoofing on public telephone networks. Caller ID spoofing is used by robocallers to mask their identity or to make it appear the call is from a legitimate source, often a nearby phone number with the same area code and exchange, or from well-known agencies like the Internal Revenue Service or Ontario Provincial Police. This sort of spoofing is common for calls originating from voice-over-IP (VoIP) systems, which can be located anywhere in the world.

STIR, short for Secure Telephony Identity Revisited, has been defined as a series of RFC standards documents by a Working Group of the Internet Engineering Task Force. It works by adding a digital certificate to the Session Initiation Protocol information used to initiate and route calls in VoIP systems. The first public connection on the system, typically the VoIP service provider, examines the caller ID and compares it to a known list of IDs they provide to that customer. The provider then attaches an encrypted certificate to the SIP header with the service provider's identity and a trust value. VoIP software on the receiving end can check the authenticity of the message by decrypting STIR using the provider's public key.

The FCC is requiring use and compliance of these protocols by June 30, 2021.