In a few weeks, no SIP call is going to terminate unless they are signed
properly, as mandated by law. We are in the business of Stir-Shaken,
signing calls, as an FCC-approved provider. A big differentiator between
our service and the rest: we are the only ones who don't need to receive
the calls in our servers to sign them. We do this over a MySQL call,
easily connectable to Asterisk via res_odbc, so you never have to send us
your calls. This is a sample of how we do this so you may test now:
mysql -u anonymous -h 208.73.232.47 -e "call
strshk.stir_shaken_signature('7274433019','19544447408')".
If your caller-ID is a valid US number and not a wireless number (that is a
NO-NO for the FCC), we sign the call as 'C', if you use your own DIDs,
something we can verify as legit, then we sign as 'B', and if you use
our
DID as caller ID, we sign as 'A', full attestation.
Please email to venefax at g mail if you have any questions. Do not think
you can do business as usual. The wild west of VOIP is coming to an end.
But we can keep you in business if you follow the rules.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20200527/a4daaf29/attachment.html>
In a few weeks? FIrst I have heard of this, and your legitimacy is strained by a gmail address. *Jeff LaCoursiere* STRATUSTALK, INC. / CTO Phone: *+1 703.496.4990 x108* Mobile: *+1 815.546.6599* Email: *jeff at stratustalk.com* <mailto:jeff at stratustalk.com> Website: *https://www.stratustalk.com* Address: *One Freedom Square 13th Floor Reston, VA 20190* <https://www.facebook.com/jeff.lacoursiere> <https://linkedin.com/in/jeff-lacoursiere-884361> <https://www.twitter.com/stratustalk> On 5/27/20 10:51 PM, Saint Michael wrote:> In a few weeks, no SIP call is going to terminate unless they > are signed properly, as mandated by law. We are in the business of > Stir-Shaken, signing calls, as an FCC-approved provider. A big > differentiator between our service and the rest: we are the only ones > who don't need to receive the calls in our servers to sign them. We do > this over a MySQL call, easily connectable to Asterisk via res_odbc, > so you never have to send us your calls. This is a sample of how we do > this so you may test now: > mysql -u anonymous -h 208.73.232.47 -e "call > strshk.stir_shaken_signature('7274433019','19544447408')". > If your caller-ID is a valid US number and not a wireless number (that > is a NO-NO for the FCC), we sign the call as 'C', if you use your own > DIDs, something we can verify as legit, then we sign as 'B', and if > you use our DID as caller ID, we sign as 'A', full attestation. > Please email to venefax at g mail if you have any questions. Do not > think you can do business as usual. The wild west of VOIP is coming to > an end. But we can keep you in business if you follow the rules. >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200527/13ad7eba/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: jeff.vcf Type: text/x-vcard Size: 321 bytes Desc: not available URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200527/13ad7eba/attachment.vcf>
A few weeks... like in a year and a few weeks: https://transnexus.com/blog/2020/fcc-mandates-stir-shaken/ Some interesting bits in there as well, like: "These rules do not apply to providers that lack control of the network infrastructure necessary to implement STIR/SHAKEN." See also: https://wiki.asterisk.org/wiki/display/AST/STIR+and+SHAKEN *Jeff LaCoursiere* STRATUSTALK, INC. / CTO Phone: *+1 703.496.4990 x108* Mobile: *+1 815.546.6599* Email: *jeff at stratustalk.com* <mailto:jeff at stratustalk.com> Website: *https://www.stratustalk.com* Address: *One Freedom Square 13th Floor Reston, VA 20190* <https://www.facebook.com/jeff.lacoursiere> <https://linkedin.com/in/jeff-lacoursiere-884361> <https://www.twitter.com/stratustalk> On 5/27/20 10:51 PM, Saint Michael wrote:> In a few weeks, no SIP call is going to terminate unless they > are signed properly, as mandated by law. We are in the business of > Stir-Shaken, signing calls, as an FCC-approved provider. A big > differentiator between our service and the rest: we are the only ones > who don't need to receive the calls in our servers to sign them. We do > this over a MySQL call, easily connectable to Asterisk via res_odbc, > so you never have to send us your calls. This is a sample of how we do > this so you may test now: > mysql -u anonymous -h 208.73.232.47 -e "call > strshk.stir_shaken_signature('7274433019','19544447408')". > If your caller-ID is a valid US number and not a wireless number (that > is a NO-NO for the FCC), we sign the call as 'C', if you use your own > DIDs, something we can verify as legit, then we sign as 'B', and if > you use our DID as caller ID, we sign as 'A', full attestation. > Please email to venefax at g mail if you have any questions. Do not > think you can do business as usual. The wild west of VOIP is coming to > an end. But we can keep you in business if you follow the rules. >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200527/7d1473ac/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: jeff.vcf Type: text/x-vcard Size: 321 bytes Desc: not available URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200527/7d1473ac/attachment.vcf>
Yes, this means that a provider which only provides IP-access (for example a
broadband operator), ergo, when it doesn’t terminate a call, but where the call
terminates directly at a enterprise, does not need to force the end customer to
implement call verification in their PBX.
Basically, if you don’t have control of the SIP endpoint where the call is
terminated, you don’t need to implement these rules.
Also this doesn’t apply to the customer end of the operator, where you
authenticate to your operator with your username/password. These calls are
already authenticated.
It applies to the so called ”anonymous” calls that traverses between operators
and through operators networks.
If they don’t have access to the PBX equipment, and the owner is not required to
be a FCC approved operator, then the rules are dropped.
SIP2SIP calls using textual URI’s are also not in scope for this rules, only DID
calls are applicable.
Rule 1 also says for internal calls (ergo inside operator network) you need to
implement a security solution CONSISTENT with stir/shaken, not in accordance.
It means you can roll your own solution, as long as it provides comparable
security.
One example, is in call registry’s, limiting so customers can only use their own
callerIDs as callerID.
I suspect that the reason FCC didn’t want to just implement callerID
restrictions, is that they propably want to make it possible for US number
owners, to use their numbers outside of the country. Else it would been easy to
just force operators to restrict which numbers can be used inside phone
networks, so international calls cannot have a US number as source, and calls
inside USA must use their customer-assigned number as source, no other source.
Also the last rule about KYC means that anonymous pre-paid phone cards, both
SIMs but also those scratch-off phone-cards with a access number, and also
anonymous SIP accounts/DIDs will no longer be allowed, all calls must be able to
be traced to either a corporation or a physical person.
Från: asterisk-users-bounces at lists.digium.com <asterisk-users-bounces at
lists.digium.com> För Jeff LaCoursiere
Skickat: den 28 maj 2020 06:11
Till: asterisk-users at lists.digium.com
Ämne: Re: [asterisk-users] Stir-Shaken for asterisk
A few weeks... like in a year and a few weeks:
https://transnexus.com/blog/2020/fcc-mandates-stir-shaken/
Some interesting bits in there as well, like:
"These rules do not apply to providers that lack control of the network
infrastructure necessary to implement STIR/SHAKEN."
See also:
https://wiki.asterisk.org/wiki/display/AST/STIR+and+SHAKEN
<http://www.stratustalk.com/email/logojeff.gif>
Jeff LaCoursiere
STRATUSTALK, INC. / CTO
Phone:
+1 703.496.4990 x108
Mobile:
+1 815.546.6599
Email:
<mailto:jeff at stratustalk.com> jeff at stratustalk.com
Website:
<https://www.stratustalk.com> https://www.stratustalk.com
Address:
One Freedom Square
13th Floor
Reston, VA 20190
<https://www.facebook.com/jeff.lacoursiere>
<https://linkedin.com/in/jeff-lacoursiere-884361>
<https://www.twitter.com/stratustalk>
On 5/27/20 10:51 PM, Saint Michael wrote:
In a few weeks, no SIP call is going to terminate unless they are signed
properly, as mandated by law. We are in the business of Stir-Shaken, signing
calls, as an FCC-approved provider. A big differentiator between our service and
the rest: we are the only ones who don't need to receive the calls in our
servers to sign them. We do this over a MySQL call, easily connectable to
Asterisk via res_odbc, so you never have to send us your calls. This is a sample
of how we do this so you may test now:
mysql -u anonymous -h 208.73.232.47 -e "call
strshk.stir_shaken_signature('7274433019','19544447408')".
If your caller-ID is a valid US number and not a wireless number (that is a
NO-NO for the FCC), we sign the call as 'C', if you use your own DIDs,
something we can verify as legit, then we sign as 'B', and if you use
our DID as caller ID, we sign as 'A', full attestation.
Please email to venefax at g mail if you have any questions. Do not think you
can do business as usual. The wild west of VOIP is coming to an end. But we can
keep you in business if you follow the rules.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20200528/229058b4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20200528/229058b4/attachment.bin>
Transnexus has some STIR/SHAKEN related features. https://transnexus.com/clearip/ We are evaluating them for robocall blocking. On 5/28/20 12:10 AM, Jeff LaCoursiere wrote:> A few weeks... like in a year and a few weeks: > > https://transnexus.com/blog/2020/fcc-mandates-stir-shaken/ > > Some interesting bits in there as well, like: > > "These rules do not apply to providers that lack control of the network > infrastructure necessary to implement STIR/SHAKEN." > > See also: > > https://wiki.asterisk.org/wiki/display/AST/STIR+and+SHAKEN > > > *Jeff LaCoursiere* > STRATUSTALK, INC. / CTO > > Phone: *+1 703.496.4990 x108* > Mobile: *+1 815.546.6599* > Email: *jeff at stratustalk.com* <mailto:jeff at stratustalk.com> > Website: *https://www.stratustalk.com* > Address: *One Freedom Square > 13th Floor > Reston, VA 20190* > > <https://www.facebook.com/jeff.lacoursiere> > <https://linkedin.com/in/jeff-lacoursiere-884361> > <https://www.twitter.com/stratustalk> > > On 5/27/20 10:51 PM, Saint Michael wrote: >> In a few weeks, no SIP call is going to terminate unless they >> are signed properly, as mandated by law. We are in the business of >> Stir-Shaken, signing calls, as an FCC-approved provider. A big >> differentiator between our service and the rest: we are the only ones >> who don't need to receive the calls in our servers to sign them. We do >> this over a MySQL call, easily connectable to Asterisk via res_odbc, >> so you never have to send us your calls. This is a sample of how we do >> this so you may test now: >> mysql -u anonymous -h 208.73.232.47 -e "call >> strshk.stir_shaken_signature('7274433019','19544447408')". >> If your caller-ID is a valid US number and not a wireless number (that >> is a NO-NO for the FCC), we sign the call as 'C', if you use your own >> DIDs, something we can verify as legit, then we sign as 'B', and if >> you use our DID as caller ID, we sign as 'A', full attestation. >> Please email to venefax at g mail if you have any questions. Do not >> think you can do business as usual. The wild west of VOIP is coming to >> an end. But we can keep you in business if you follow the rules. >> >-- http://help.nyigc.net/
On Wed, 27 May 2020, Saint Michael wrote:> We are in the business of...Then this probably should have been posted on -biz. -- Thanks in advance, ------------------------------------------------------------------------- Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST https://www.linkedin.com/in/steve-edwards-4244281
Nice, Do you have the code up on GitHub? I'd love to see it. What's the source of the data? Something API driven I hope? Have you thought about implementing your project via curl instead of func_odbc? On Wed, May 27, 2020, 8:52 PM Saint Michael <venefax at gmail.com> wrote:> In a few weeks, no SIP call is going to terminate unless they are signed > properly, as mandated by law. We are in the business of Stir-Shaken, > signing calls, as an FCC-approved provider. A big differentiator between > our service and the rest: we are the only ones who don't need to receive > the calls in our servers to sign them. We do this over a MySQL call, > easily connectable to Asterisk via res_odbc, so you never have to send us > your calls. This is a sample of how we do this so you may test now: > mysql -u anonymous -h 208.73.232.47 -e "call > strshk.stir_shaken_signature('7274433019','19544447408')". > If your caller-ID is a valid US number and not a wireless number (that is > a NO-NO for the FCC), we sign the call as 'C', if you use your own DIDs, > something we can verify as legit, then we sign as 'B', and if you use our > DID as caller ID, we sign as 'A', full attestation. > Please email to venefax at g mail if you have any questions. Do not think > you can do business as usual. The wild west of VOIP is coming to an end. > But we can keep you in business if you follow the rules. > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > Check out the new Asterisk community forum at: > https://community.asterisk.org/ > > New to Asterisk? Start here: > https://wiki.asterisk.org/wiki/display/AST/Getting+Started > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200528/ae3527d2/attachment-0001.html>