[asterisk-users] Get a SHAKEN Identity Token (Alexander Perkins)
jeff at stratustalk.com
Mon Jan 25 11:01:46 CST 2021
Thanks Joshua, that was warranted IMO. I have to admit I am curious
about his solution, though, and maybe we can turn this into a discussion
about how we are handling STIR/SHAKEN collectively.
Our biggest issue is the fact that we use (our own) LCR to choose
outbound routes for calls in real-time. An outbound call could end up
on any of several upstream providers, not necessarily the one that
"owns" the DID that is making the outbound call. Because of this we
cannot rely on our upstreams to be the originating carriers - they won't
be able to sign for calls from DID numbers they have no record of. We
aren't alone in this, and Bandwidth.com is making noise about this issue
and the "forward" problem, where we bounce a call to another number, and
the original token info is lost. I'm pretty sure this lands us in the
"need to be an originating provider and generate crypt tokens". I'm
only just beginning diving into what that entails.
So how does this guy get around it? It sounds to me like he is offering
to sign calls for whoever, which IMO totally defeats the purpose. So if
I am some spammer and find my calls are rejected, I can just get him to
sign them for me? If I were him I would get a bunch of lawyers ready
for when he becomes responsible for what they end up doing. Isn't that
the whole idea?
On 1/25/21 7:44 AM, Joshua C. Colp wrote:
> On Sun, Jan 24, 2021 at 6:50 PM Steve Edwards
> <asterisk.org at sedwards.com <mailto:asterisk.org at sedwards.com>> wrote:
> On Sun, 24 Jan 2021, Saint Michael wrote:
> > Please look at this
> > https://issues.asterisk.org/jira/browse/ASTERISK-28924
> > I have a solution that works for any version of Asterisk, if
> interested contact me at venefax at the Google mail service.
> "I have a commercial solution that works for any version of
> Asterisk, if
> interested contact me at venefax at the Google mail service."
> Fixed. If you're going to post a commercial solution on a
> forum, at least be up front about it.
> Greetings all,
> Just so everyone is aware I previously gave a final warning on
> commercial solicitation on the asterisk-users mailing list to this
> individual. As they've continued to do so I've removed them from
> the mailing list. You are free to communicate with them directly.
> Joshua C. Colp
> Asterisk Technical Lead
> Sangoma Technologies
> Check us out at www.sangoma.com <http://www.sangoma.com/> and
> www.asterisk.org <http://www.asterisk.org/>
703 496 4990 x108
815 546 6599 cell
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the asterisk-users