80 likes | 95 Views
This document discusses verstat in various SIP methods and proposes syntax for verstat usage. It also covers legitimate privacy concerns and the use of verstat for anonymous CLIP/CLIR.
E N D
Verstat Related Best Practices Mark Desterdick Verizon IP-NNI Task Force May 2, 2018
Topics • Format • P-Asserted-ID for SIP and tel URIs • Various SIP methods • Granularity • Terminating Attestation Level Identification to terminating UA or CVT • Legitimate Privacy • CLIP/CLIR
P-Asserted-ID: SIP URI Format in P-Asserted_Identity (PAI) using a SIP URI - placement of verstat before the @ sign sip:+358-555-1234567;postd=pp22;verstat=TN-Validation-Passed@foo.com;user=phone This is derived from the syntax for verstat in the P-asserted-id in Tel-URI format as defined in 3GPP TS24.229 section 7.2A.20. Reasoning: tel:+358-555-1234567;postd=pp22;verstat=TN-Validation-Passed • verstat is a TEL URI parameter • Parameters are associated with a TEL URI per the syntax specified in RFC-3966 • Parameters are associated with a SIP or SIPS URI per the syntax specified in RFC-3261 • TEL URIs are mapped to SIP URIs as specified in RFC-3261
Verstat in Various SIP Methods Proposed verstat syntax in various SIP methods INVITE P-Asserted-Identity OR From: tel:+15617500080;verstat=TN-Validation-Passed P-Asserted-Identity OR From: sip:+15617500080;verstat=TN-Validation-Passed@foo.com;user=phone SUBSCRIBE Message Body Calling-party: tel:+15617500080;verstat=TN-Validation-Passed Calling-party: sip:+15617500080;verstat=TN-Validation-Passed@foo.com;user=phone NOTIFY Message Body Calling-Name: "BUSINESS005" tel:+15617500080;verstat=TN-Validation-Passed OR Calling-party: "BUSINESS005" sip:+15617500080;verstat=TN-Validation-Passed@foo.com; user=phone MESSAGE P-Asserted-Identity OR From: tel:+15617500080;verstat=TN-Validation-Passed P-Asserted-Identity OR From: sip:+15617500080;verstat=TN-Validation-Passed@foo.com;user=phone
Granularity Terminating Attestation Level Identification to terminating UA or CVT Current Values
Granularity Possible Syntax Augmenting current verstat values with a “-A”, “-B” or “-the C” at the end
Verstat for Anonymous CLIP/CLIR verstat should be signaled to the end user even in cases where Privacy is requested • For Caller initiated Privacy, common practice has the originating network/device signaling “Anonymous” in the From header. The P-Asserted-Identity (PAI) would carry the actual Calling Party number. • The originating network would perform SHAKEN Authentication over the PAI, sending the Identity header to the terminating network along with the PAI (with callers TN), From (anonymous) and Privacy headers • The terminating network performs verification (using the TN received in the PAI), and populates verstat into the PAI • Because of the Privacy indication, the terminating network removes the PAI header prior to sending the call to the UE: Example FROM: sip:anonymous;verstat=TN-Validation-Passed@anonymous.invalid
Next Steps • Agree on Best Practices with limited focused scopes • Priority and timeline for Best Practices