SITR/SHAKEN implementation in effect today (June 30 2021)

Paul Timmins paul at
Fri Jul 2 15:54:10 UTC 2021

Fun part is that just because it's a telnyx number with a checkmark, it 
doesn't mean the call came from Telnyx, just that the call came from a 
carrier that gave the call attestation A. As the carrier, we can see who 
signed the call (it's an x509 certificate, signed by the STI-PA, with 
the carrier's name and OCN in it) and hold them accountable for the 
traffic, which is huge.

But that's where the confusion will lie - a customer might say well this 
is a verizon wireless number, i'll yell at them! But the actual call 
came in through Lumen, and they're the ones who can stop it. A carrier 
can see the cert, but you can just get the verstat flag from the 
P-Asserted-Identity field in the call to the handset and see that it 
passed the tests for attestation A.

Just because you don't see a checkmark doesn't mean signatures aren't 
happening. Attestation B and C aren't displayed on the handset (but are 
seen in the carrier's systems) and most androids don't have a way to 
display stir/shaken stuff yet. T-Mobile doesn't send the verstat header 
to handsets they don't verify as s/s compliant (usually only ones they 
sell). My trick was to sim swap into an iphone for a day, then back to 
my android which started displaying the verification after that.

It's all new, but just because you don't see it doesn't mean it's not 
there. Report the calls to your carrier, they have new tools to track 
down the misbehavior.

On 7/2/21 8:32 AM, Nick Olsen wrote:
> Not all have implemented it yet. But if you haven't. You were supposed 
> to implement some kind of robo calling mitigation plan (Or atleast 
> certify that you have one). At $dayjob we're fully deployed (inbound 
> and outbound).
> I received my first ever STIR/SHAKEN signed (iPhone Check mark, highly 
> scientific) spam call on my personal Cell phone on 6/30. It was a 
> Telnyx number. Had the call terminated to $dayjob network. I fully 
> would have collected all various information and ticketed it with Telnyx.
> Time will tell how truly effective this is. But we have better 
> originating information now (breadcrumbs) to follow back to the source.
> On Thu, Jul 1, 2021 at 5:42 PM Andreas Ott <andreas at 
> <mailto:andreas at>> wrote:
>     On Thu, Jul 1, 2021 at 12:56 PM Keith Medcalf <kmedcalf at
>     <mailto:kmedcalf at>> wrote:
>         ... and the end carrier is making money for terminating them. 
>     Survey (of n=1) says: nothing has changed, aka the new technology
>     is not working. I just received the same kind of recorded message
>     call of "something something renew auto warranty" on my AT&T
>     u-Verse line. This time when I called back the displayed caller ID
>     number it was ring-no-answer, versus the previous "you have
>     reached a number that is no longer in service". By terminating the
>     call the carrier made probably more money than it would cost them
>     to enforce the new rules.
>     Other than the <> portal, is
>     there a new way to report the obvious failure of STIR/SHAKEN?
>     -andreas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the NANOG mailing list