vicidial.org

[falves111]

WORLDWIDE EMERGENCY
This code needs to be executed before any SIP or PJSIP call destined to the US network, or soon no call will terminate. This is called Stir-Shaken, a new law from the FCC.
If this is not working the whole Vicidial industry will crash, vanish, be gone.
I need some help as to where to call this code as a Gosub from everywhere a Dial is being attempted.
I am also assuming that the caller ID and the Destination Number are in the variables "${CALLERID(num):-10}" "${EXTEN:-11}"

;Dialplan section to execute before any Dial
[strshk]
exten => _X.,1,Set(ARRAY(Token)=${MYSQL_STRSHK(${CALLERID(num):-10},${EXTEN:-11})})
;same=n,Verbose(0,Token ${Token})
;same=n,SIPAddHeader(Identity:${Token}) ;OLD SIP CHANNEL
same=n,Set(PJSIP_HEADER(add,Identity)=${Token}) ; NEW PJSIP CHANNEL
same=n,Return()

[carpenox]

seems to be some legitimacy to this...

https://www.fcc.gov/call-authentication

[mflorell]

Most carriers have not implemented STIR/SHAKEN protocols yet, and they still have over 11 months to put it in place,
https://www.fiercewireless.com/operator ... tech-place

[Nefariousparity]

This is something to be concerned about, most of us have known about it for a long time now. Will be inter sting to see how the events unfold.

[carpenox]

I would think as long as you have DID's that can ringback this shouldnt be an issue correct?

[mflorell]

For our VICIhost hosted services we use OpenSIPs to offer carrier services to our hosted customers, and the OpenSIPs project has added and tested STIR/SHAKEN code to their project so they are all ready for when the carriers finally decide how they want to protocols to work.

There are also some trade groups asking for an additional 12 months delay in implementing STIR/SHAKEN(to June 30, 2022), but there are no guarantees that they will be able to get that. And throwing another wrench into the works, the state of California had voted to make it the law in their state that STIR/SHAKEN would have to be implemented 6 months early, on January 1, 2021, but there is no indication on how exactly they would enforce that if any other party to the call is out of state.

[carpenox]

OK I am going to have to look into OpenSIP's then. TY

[falves111]

There is confusion about how Stir Shaken works. Opensips added the code, but the code by itself solves nothing. The signature can be only added by an FCC-Approved Service provider, like our company. You may certainly get a self-signed certificate but it is the same as not signing the call because he signature cannot be verified by the carriers and thus the call will fail.
There are a few service providers approved so far, we are one of them. We are Asterisk people, therefore we created the code so Vicidial, and any Asterisk, can the calls signed. Asterisk cannot use the Transnexus technology, based on injecting the signature on a 302 Redirect package, as per Asterisk support.
https://issues.asterisk.org/jira/browse/ASTERISK-28924

So everybody should run and get an account, start testing, compiling UnixODBC modules, and getting ready. The IP provided in my post is free to use, it generates self-signed signatures, but you can make everything work with it. Just try it.
mysql -u anonymous -h 208.73.232.47 -e "call strshk.stir_shaken_signature('7277749184','19544447408')"
The first parameter is the Caller ID and the second is the destination number. That is my number, by the way.
There are three levels of Attestation, "A", "B", "C". the lowest is "C", means we don't know much about the caller ID or the company. "B" means we now the company buy don't know the number and "A" means we gave you the number from our pool.
Calls with "C" will end up in voicemail. Calls with "B" may terminate but also some will be blocked. Only safe calls are "A" calls.

[carpenox]

falves, youre in broward too?

-nox

[mflorell]

As a note on this ticket, we just posted new code to the VICIdial svn/trunk codebase for our integration with TILTX's STIR/SHAKEN service.

Here's the documentation on how it works:
http://vicidial.org/docs/TILTX_SHAKEN_API.txt

[carpenox]

good shit, thats whats up