Resources

FAQ: SHAKEN

• STI-GA Policy Change Request Form
• STI SPC Token Complaint Submission Form
• STI-GA Policy Decisions Binder
• STI-GA Operating Procedures
• STI-GA Go-Live Report
• 2020 Year-End Report
• STI Participant Agreement
• STI-TC Best Practices

• ATIS Standard on Signature- based Handling of Asserted information using toKENs – ATIS 1000074. V002
• ATIS Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Governance Model and Certificate Management – ATIS-1000080.v004
• ATIS Technical Report on Full Attestation Alternatives for Enterprises and Business Entities with Multi- Homing and Other Arrangements – ATIS 1000089.v002
• Signature- Based Handling of Asserted Information Using Tokens (SHAKEN): SHAKEN Support of “div” PASSporT – ATIS-1000085.v002
• Signature- based Handling of Asserted information using toKENs (SHAKEN): Delegate Certificates – ATIS-1000092
• ATIS Standard on Toll- Free Numbers in the SHAKEN Framework – ATIS-1000093
• Signature- based Handling of Asserted information using toKENs (SHAKEN): Calling Name and Rich Call Data Handling Procedures – ATIS-1000094
• ATIS Standard on Extending STIR/SHAKEN over TDM – ATIS-1000095
• ATIS Standard on Signature- based Handling of Asserted information using toKENs (SHAKEN): Out- of- Band PASSporT Transmission Involving TDM Networks – ATIS-1000096
• ATIS Technical Report on Alternatives for Call Authentication for Non- IP Traffic – ATIS-1000097
• ATIS Technical Report on a Framework for Display of Verified Caller ID – ATIS-1000081
• ATIS Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server – ATIS-1000082
• ATIS Technical Report on a Framework for SHAKEN Attestation and Origination Identifier – ATIS-1000088
• ATIS Technical Report on Full Attestation Alternatives for Enterprises and Business Entities with Multi-Homing and Other Arrangements – ATIS-1000089

 

Specifications

• RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
• RFC 8224: Authenticated Identity Management in the Session Initiation Protocol (SIP)
• RFC 8225: PASSporT: Personal Assertion Token
• RFC 8226: Secure Telephone Identity Credentials: Certificates
• RFC 8555: Automatic Management Certificate Environment (ACME)
• RFC 8443: Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization
• RFC 8588: Personal Assertion Token (PASSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN)
• RFC 8816: Secure Telephone Identity Revisited (STIR) Out-of-Band Architecture and Use Cases
• RFC 8946: Personal Assertion Token (PASSporT) Extension for Diverted Calls
• RFC 9027: Assertion Values for Resource Priority Header and SIP Priority Header Claims in Support of Emergency Services Networks
• RFC 9060: Secure Telephone Identity Revisited (STIR) Certificate Delegation

Internet Drafts*

• draft-ietf-stir-passport-rcd-14: PASSporT Extension for Rich Call Data
• draft-ietf-acme-authority-token-04: ACME Challenges Using an Authority Token
• draft-ietf-acme-authority-token-tnauthlist-08: TNAuthList profile of ACME Authority Token
• draft-ietf-stir-oob-06: STIR Out-of-Band Architecture and Use Cases

*In the IETF internet Standards Process, Internet-Drafts have no formal status, and are subject to change or removal at any time.

• NANC CATA WG Report on Selection of Governance Authority and Timely Deployment of SHAKEN/STIR
• Industry Robocall Strike Force Report
• NANC CATA WG Best Practices for the Implementation of Call Authentication Frameworks
• NANC CATA WG Report on Small VSP Implementation of STIR/SHAKEN

Federal Legislation

• Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act

Federal Communications Commission

• Docket 20-67 – Implementation of TRACED Act

• Docket 17-97 – Call Authentication Trust Anchor
  • September 2020, Second Report & Order – FCC clarifies STIR/SHAKEN Mandate, Extensions and Exemptions
  • August 2021, Third Report & Order – Creates FCC Appeals Process for STI-GA Revocations

• Docket 17-59 – Advanced Methods to Target and Eliminate Unlawful Robocalls
  • November 2017, Report & Order – FCC Adopts Rules to Allow Phone Companies to Proactively Block Illegal Robocalls
  • December 2018, Second Report & Order – FCC Orders Reassigned Numbers Database.
  • June 2019 Declaratory Ruling – FCC Issues Order Allowing Call Blocking
  • March 2020, Report & Order – FCC Mandates Implementation of STIR/SHAKEN
  • July 2020, Third Report & Order – FCC Creates Call Blocking Safe Harbor
  • December 2020, Fourth Report & Order –  Expanded Call Blocking Safe Harbor and Other Blocking Requirements

• Chairman Pai Demands Industry Adopt Protocols to End Illegal Spoofing

• FCC Report: Call Blocking Tools Now Substantially Available to Consumers
• FCC Report to Congress: Caller ID Authentication Implementation Progress

• Wireline Competition Bureau: Caller ID Authentication Best Practices

Federal Trade Commission

• FTC Robocalling Page

Government Accountability Office

• FAKE CALLER ID SCHEMES: Information on Federal Agencies’ Efforts to Enforce Laws, Educate the Public, and Support Technical Initiatives

State Attorneys General

• State AG Letter on TRACED Act and Robocallling
• State AG/Industry Anti-Robocall Principles

State Legislation

• California SB-208 Consumer Call Protection Act of 2019

International

• CRTC – Status of implementation by telecommunications service providers of authentication/verification measures for caller identification
• CRTC Establishment of the Canadian Secure Token Governance Authority

*This list of STIR/SHAKEN related legislative and regulatory content is not intended to be exhaustive.