On 19 Oct 2023, at 18:46, Alex Balashov via sr-users sr-users@lists.kamailio.org wrote:
Would join Kaufman here to say that free-range STIR/SHAKEN implementations in the US are limited by the small number of certified authentication providers, but presumably the EU version will to some extent avoid US-style Guilded Age corporate welfare…
Sadly that’s my view of the US implementation. I can’t say if it solved the problem, but I can see that a lot of new and old actors got an oppurtunity to earn more money.
There’s no EU-wide implementation or regulation at this point. I am aware of France. There are certainly discussions. /O
-- Alex
On 19 Oct 2023, at 09:33, Ben Kaufman via sr-users sr-users@lists.kamailio.org wrote:
Like some of the other posters here, we’ve implemented it as a 302-redirect server. This was the primary reason for using the secsipid rather than stirshaken module. Both modules have a function to append an Identity header, but secsipid also has functions to simply build the identity header which can then easily be appended to the reply, rather than only appending to the request and plucking the Identity header from there. Secsipid also has a function secsipid_sign() which allows for creating your own JWT. This is useful if you want to create some variations on the Identity header - we use this to create div passports (as opposed to shaken passports) in some situations.
Not sure how it will be implemented there, but the biggest challenge for me in the US was acquiring certificates because there is a very limited number of regulatory approved vendors.
-- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800
Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: