0

STI-VS Call Presentation Options and VERSTAT handling

While the SIP Identity header carries STIR/SHAKEN call authentication, the P-Asserted-Identity verstat parameter plays an essential role in displaying the call verification (STI-VS) result to endpoints. In the specific context of this article, we are only focusing on endpoints that will be receiving calls and their capabilities to handle the verstat result. 

At present there are three standard verstat results:

  1. TN-Validation-Passed: The caller identity signature has been verified.
  2. TN-Validation-Failed: The caller identity signature has failed.
  3. No-TN-Validation: No signature to validate.

TN-Validation-Passed conveys that the caller identity has been verified end-to-end thanks to STIR/SHAKEN. ATIS-1000081 covers different techniques to widely display the STI-VS results. This article focuses on what's available on Sansay's solution to deliver these results as needed.

Endpoint types

While there is not an official category of devices, to better explain the techniques to present the STI-VS result, we are grouping the devices as follows:

  • Current generation devices: Modern VoIP endpoints and VoLTE (4G/5G) mobile devices. These devices support are or will be capable of supporting verstat natively.
  • Middle generation devices: Support for Caller ID presentation. Examples include 2G and 3G mobile devices, VoIP endpoints.
  • Legacy devices: Do not support Caller ID presentation. Examples include landlines, analog adapters and other analog endpoints.

Devices that support verstat only need to receive it without any additional treatment. 

Verstat and SIP Message Conversion (SMC)

An interesting group is the middle generation devices. For this type of endpoints the SIP P-Asserted-Identity (PAI) and From header can be modified based on the original verstat parameter. Verstat modification can come in the form of 1) stripping the verstat parameter 2) using the verstat result to change the Display Name (CNAM).

Here's an example using NSS and VSXi SIP Message Conversion (SMC) to change the display name and strip verstat.

{
  "ProfileID": 300,
  "ProfileName": "STIR/SHAKEN call presentation",
  "Rules": [
    {
      "MsgType": "REQUEST",
      "ReqMethod": "INVITE",
      "StoredVariables": [
        {
          "VariableName": "{$cnam}",
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY"
        }
      ],
      "LogicalConjunction": "AND",
      "Conditions": [
        {
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "RegEx1": "TN-Validation-Passed",
          "Operator": "NEQ",
          "RightOperand": ""
        },
        {
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "Macro": "GETDISPLAYNAME",
          "Operator": "NEQ",
          "RightOperand": ""
        }
      ],
      "Action": "REPLACE_MSG",
      "ReplaceDefs": [
        {
          "ReplaceType": "FINDINSERTBEFORE_LINES",
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "Macro": "GETDISPLAYNAME",
          "RegEx1": "[^\"]+",
          "Output": "[V] "
        },
       {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "P-Asserted-Identity:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        }
      ]
    },
    {
      "MsgType": "REQUEST",
      "ReqMethod": "INVITE",
      "StoredVariables": [
        {
          "VariableName": "{$cnam}",
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY"
        }
      ],
      "LogicalConjunction": "AND",
      "Conditions": [
        {
          "Header": "From:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "RegEx1": "TN-Validation-Passed",
          "Operator": "NEQ",
          "RightOperand": ""
        },
        {
          "Header": "From:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "Macro": "GETDISPLAYNAME",
          "Operator": "NEQ",
          "RightOperand": ""
        }
      ],
      "Action": "REPLACE_MSG",
      "ReplaceDefs": [
        {
        "ReplaceType": "FINDINSERTBEFORE_LINES",
        "Header": "From:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "Macro": "GETDISPLAYNAME",
        "RegEx1": "[^\"]+",
        "Output": "[V] "
        },
        {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "From:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        }
      ]
    },
    {
      "MsgType": "REQUEST",
      "ReqMethod": "INVITE",
      "LogicalConjunction": "OR",
      "Conditions": [
        {
          "Header": "From:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "RegEx1": ";verstat=",
          "Operator": "NEQ",
          "RightOperand": ""
        },
        {
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "RegEx1": ";verstat=",
          "Operator": "NEQ",
          "RightOperand": ""
        }
      ],
      "Action": "REPLACE_MSG",
      "ReplaceDefs": [
        {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "From:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        },
        {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "P-Asserted-Identity:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        }
      ]
    }
  ]
}

In the above example we are doing a ReGex for TN-Validation Passed and are prepending a [V] to the PAI and From Display Name.

While [V] was used the SMC Profile can be easily modified to prepend a different information label.  This facilitates working with different implementations.

Note: In choosing the overlaying label remember that standard CNAM supports up to 15 characters. Enhanced CNAM (eCNAM) supports 40 characters.

Enhanced Verstat

Via NSS system configuration, it is possible to deliver an enhanced verstat where STI-VS succeeded. When enhanced verstat is enabled the following values are supported:

  • TN-Validation-Passed-A
  • TN-Validation-Passed-B
  • TN-Validation-Passed-C
  • TN-Validation-Failed
  • No-TN-Validation

This enables you to deliver specific information in the call, such as "Verified Caller" where A attestation was confirmed. It is up to you to decide what the "tag" will be, here's an example:

{
  "ProfileID": 300,
  "ProfileName": "STIR/SHAKEN call presentation",
  "Rules": [
    {
      "MsgType": "REQUEST",
      "ReqMethod": "INVITE",
      "StoredVariables": [
        {
          "VariableName": "{$cnam}",
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY"
        }
      ],
      "LogicalConjunction": "AND",
      "Conditions": [
        {
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "RegEx1": "TN-Validation-Passed-A",
          "Operator": "NEQ",
          "RightOperand": ""
        },
        {
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "Macro": "GETDISPLAYNAME",
          "Operator": "NEQ",
          "RightOperand": ""
        }
      ],
      "Action": "REPLACE_MSG",
      "ReplaceDefs": [
        {
          "ReplaceType": "FINDINSERTBEFORE_LINES",
          "Header": "P-Asserted-Identity:",
          "HeaderAttr": "HEADER_SECTION_ONLY",
          "Macro": "GETDISPLAYNAME",
          "RegEx1": "[^\"]+",
          "Output": "[V+] "
        },
      { "ReplaceType": "FINDINSERTBEFORE_LINES",
        "Header": "From:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "Macro": "GETDISPLAYNAME",
        "RegEx1": "[^\"]+",
        "Output": "[V+] "
        },
       {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "From:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        },
       {
         "ReplaceType": "FINDSUB_LINES",
        "Header": "P-Asserted-Identity:",
        "HeaderAttr": "HEADER_SECTION_ONLY",
        "RegEx1": ";verstat=[a-zA-Z\\-]+",
        "Output": ""
        }
      ]
    }
  ]
}

Reply

null