Talk:STIR/SHAKEN

A fact from STIR/SHAKEN appeared on Wikipedia's Main Page in the Did you know column on 1 January 2020 (check views). The text of the entry was as follows: Did you know... that the STIR/SHAKEN protocols aim to end the "epidemic" of robocalls, of which there were an estimated 5.7 billion in the U.S. placed in October 2019 alone? A record of the entry may be seen at Wikipedia:Recent additions/2020/January. The nomination discussion and review may be seen at Template:Did you know nominations/STIR/SHAKEN.

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Telecommunications Mid‑importance This article is within the scope of WikiProject Telecommunications, a collaborative effort to improve the coverage of Telecommunications on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.TelecommunicationsWikipedia:WikiProject TelecommunicationsTemplate:WikiProject TelecommunicationsTelecommunications Mid This article has been rated as Mid-importance on the project's importance scale. Computing: Networking / Security Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing Low This article has been rated as Low-importance on the project's importance scale. This article is supported by Networking task force (assessed as Low-importance). This article is supported by WikiProject Computer security (assessed as Mid-importance). Things you can help WikiProject Computer security with: edit history watch purge Article alerts are available, updated by AAlertBot. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

In the STIR section, every paragraph has a "[7]" at the end because there is a <ref name="Understand" /> reference. It does not seem to me that ALL of these references are needed. Would others agree that they should be removed? --Dyork (talk) 22:58, 6 January 2020 (UTC)[reply]

The article currently says: The provider then attaches an encrypted certificate to the SIP header with the service provider's identity and a trust value. VoIP software on the receiving end can check the authenticity of the message by decrypting STIR using the provider's public key. Typically, a public key is either used to encrypt data or verify a signature, and a private key is used to decrypt the data (or sign it). So is this paragraph actually talking about signing, not encrypting? --Stefan2904 (talk) 13:27, 12 April 2024 (UTC)[reply]

Technically, signing is sort of subclass of encryption, it's just that both the public and private key within the protocol are generated by the same party. 104.229.11.48 (talk) 05:04, 27 July 2024 (UTC)[reply]

STIR/SHAKEN as done by US service providers for a JSON Web Token (JWT) in the form of a SHAKEN Personal Assertion Token (PASSporT) does not attach a certificate. Instead, a URL reference to the location of the certificate file (which should be of type .pem) is included in both the JWT header "x5u" parameter, and also in the "info" parameter of the optional IDENTITY header containing the SHAKEN PASSporT of a SIP INVITE method message. i.e., the provider does not attach a certificate, they reference the certificate location. e.g., info=<https://cert.originating.provider.net/stircert.pem>;alg=ES256;ppt="shaken". 2605:A601:AE1C:4300:E599:EEFC:5D8C:DB4E (talk) 20:21, 27 May 2025 (UTC)[reply]