[asterisk-bugs] [JIRA] (ASTERISK-30407) res_stir_shaken: Ordering of JSON fields incorrect, and tn lacks canonicalization

Sean Bright (JIRA) noreply at issues.asterisk.org
Fri Jan 27 12:27:03 CST 2023


     [ https://issues.asterisk.org/jira/browse/ASTERISK-30407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sean Bright updated ASTERISK-30407:
-----------------------------------

    Description: 
So a number of carriers have started complaining about how we're signing STIR/SHAKEN stuff, and it turns out the stir_shaken module is indeed not doing it according to the RFC.

They're complaining about 2 issues:

1. The order of the fields is incorrect
2. The '+' sign in the phone numbers needs to be removed (they're calling it "canonicalization")

Here's an example output from stir_shaken.conf:

{noformat}
{
  "dest": {
    "tn": [
      "+1NPANXXXXXX"
    ]
  },
  "orig": {
    "tn": "1NPANXXXXXX"
  },
  "attest": "A",
  "origid": "e391c481-510b-46ff-a7d0-4c8fcff2436b",
  "iat": 167458XXXX
}
{noformat}

The field order is definitely non-compliant with the RFC, and I do see the + sign they're referring to, in the dest.tn field.

Reference: https://www.rfc-editor.org/rfc/rfc8225.html#section-9 

  was:
So a number of carriers have started complaining about how we're signing STIR/SHAKEN stuff, and it turns out the stir_shaken module is indeed not doing it according to the RFC.

They're complaining about 2 issues:

1. The order of the fields is incorrect
2. The '+' sign in the phone numbers needs to be removed (they're calling it "canonicalization")

Here's an example output from stir_shaken.conf:

{
  "dest": {
    "tn": [
      "+1NPANXXXXXX"
    ]
  },
  "orig": {
    "tn": "1NPANXXXXXX"
  },
  "attest": "A",
  "origid": "e391c481-510b-46ff-a7d0-4c8fcff2436b",
  "iat": 167458XXXX
}

The field order is definitely noncompliant with the RFC, and I do see the + sign they're referring to, in the dest.tn field.

Reference: https://www.rfc-editor.org/rfc/rfc8225.html#section-9 


> res_stir_shaken: Ordering of JSON fields incorrect, and tn lacks canonicalization
> ---------------------------------------------------------------------------------
>
>                 Key: ASTERISK-30407
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-30407
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_stir_shaken
>    Affects Versions: 16.30.0
>            Reporter: Luke Escude
>
> So a number of carriers have started complaining about how we're signing STIR/SHAKEN stuff, and it turns out the stir_shaken module is indeed not doing it according to the RFC.
> They're complaining about 2 issues:
> 1. The order of the fields is incorrect
> 2. The '+' sign in the phone numbers needs to be removed (they're calling it "canonicalization")
> Here's an example output from stir_shaken.conf:
> {noformat}
> {
>   "dest": {
>     "tn": [
>       "+1NPANXXXXXX"
>     ]
>   },
>   "orig": {
>     "tn": "1NPANXXXXXX"
>   },
>   "attest": "A",
>   "origid": "e391c481-510b-46ff-a7d0-4c8fcff2436b",
>   "iat": 167458XXXX
> }
> {noformat}
> The field order is definitely non-compliant with the RFC, and I do see the + sign they're referring to, in the dest.tn field.
> Reference: https://www.rfc-editor.org/rfc/rfc8225.html#section-9 



--
This message was sent by Atlassian JIRA
(v6.2#6252)
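
The two complaints in the report above (field order and the '+' in tn) can be checked mechanically against the deterministic serialization that RFC 8225 section 9 describes. The following is an added example, not code from Asterisk or from the reporter. It assumes a canonical tn keeps only digits, '*' and '#'; the function names, telephone numbers, origid and iat are constructed for illustration.

```python
import base64
import json
import re

def canonical_tn(tn):
    # Assumed canonical form: digits, '*' and '#' only ('+' and separators dropped).
    return re.sub(r"[^0-9*#]", "", tn)

def _tns(claims):
    # Yield every telephone number in orig.tn (string) and dest.tn (list).
    for side in ("orig", "dest"):
        tn = claims.get(side, {}).get("tn", [])
        yield from ([tn] if isinstance(tn, str) else tn)

def canonicalize(claims):
    """Deterministic serialization: canonical tn, sorted keys, no whitespace."""
    out = json.loads(json.dumps(claims))  # deep copy so the input is untouched
    for side in ("orig", "dest"):
        tn = out.get(side, {}).get("tn")
        if isinstance(tn, str):
            out[side]["tn"] = canonical_tn(tn)
        elif isinstance(tn, list):
            out[side]["tn"] = [canonical_tn(t) for t in tn]
    return json.dumps(out, sort_keys=True, separators=(",", ":"))

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def audit(passport):
    """Report how a compact PASSporT's payload deviates (signature not checked)."""
    seg = passport.split(".")[1]
    raw = base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)).decode()
    claims = json.loads(raw)
    problems = []
    if list(claims) != sorted(claims):
        problems.append("key order")
    if any(t != canonical_tn(t) for t in _tns(claims)):
        problems.append("tn not canonical")
    if raw != json.dumps(claims, separators=(",", ":")):
        problems.append("whitespace")
    return problems

# Constructed sample mirroring the report: same field order, '+' in dest.tn.
CLAIMS = {"dest": {"tn": ["+12025550123"]}, "orig": {"tn": "12025550100"},
          "attest": "A", "origid": "00000000-0000-4000-8000-000000000000",
          "iat": 1674580000}
BAD = ".".join(["e30", b64url(json.dumps(CLAIMS, indent=2).encode()), "sig"])
GOOD = ".".join(["e30", b64url(canonicalize(CLAIMS).encode()), "sig"])

if __name__ == "__main__":
    print(audit(BAD), audit(GOOD), canonicalize(CLAIMS), sep="\n")
```

A verifier that re-serializes the claims before checking the signature will reject a payload signed over any other byte sequence, which is why audit() compares the raw signed bytes and not just the parsed values.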
