Proposed updates to SHAKEN governance standards
There are a few updates under consideration for the SHAKEN governance standard to clarify support for delegate certificates and RespOrg participation. This article reviews the proposed changes.
The current version of the governance standard is described in ATIS-1000080.v004, ATIS Standard on Governance Model and Certificate Management. The standard describes how an originating provider is approved by the STI Policy Adminstrator to receive Service Provider Code (SPC) Tokens necessary to obtain a SHAKEN certificate, then presents the SPC token to a STI Certification authority to receive a SHAKEN certificate.
From that point, the SHAKEN-authorized provider can generate SHAKEN PASSporTs and digitally sign them using its SHAKEN certificate and Public Key Infrastructure (PKI) methods as described in ATIS-1000074.v003, ATIS Standard on SHAKEN.
Proposed changes under consideration
The primary changes under consideration involve the following:
- Adding normative references to the following standards:
- Replacing the term Service Provider with STI Participant, a broader definition that includes “Service Providers RespOrgs, and other parties that the STI-GA authorizes to obtain SPC Tokens.” (Note: RespOrgs assign, manage, and administer toll-free numbers in the Toll-Free Number Registry.)
- Miscellaneous edits to :
- Improve the security of the governance framework
- Clarify the text in the standard.
In October 2021, the STI Governance Authority announced support for enhanced SHAKEN functionality, including:
- Support for delegate certificates
- Authorization for RespOrgs to:
- Obtain a Subordinate CA certificate from a STI Certification Authority
- Issue delegate certificates to VoIP entities to whom they issued toll-free numbers.
The proposed edits to ATIS-1000080 will align and clarify the governance standard for delegate certificates and RespOrgs.
The proposed updates also include more specific requirements for:
- Which certificates are stored in the STI Certificate Repository (STI-CR),
- Listing certificates in order that each certificate is followed by the certificate that issued it, and
- PEM encoding certificates.
Another proposed update involves requirements to enforce best practices for deployment of STI-CRs.
Note that these updates are still under discussion and may evolve before publication.
TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 20 years’ experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
Our STIR/SHAKEN products:
- Work with your existing network
- Support SIP and TDM
- Affordable, easy to deploy