NSS Query Record Specification

updated 3 yrs ago

NSS generates two different files per record. STI records provide detailed information contained in the SHAKEN PASSporT. QDR records provide details about the transaction with important fields that are also present in the STI record.

STI and QDRs can be downloaded via SSH, SCP or SFTP from each of your NSS systems.

STI-File Field Description

Parameter	Max ASCII Characters	Description (JSON Format)	QDR File	STI File	Included in Version
PASSPorT Header	1024	alg, ppt,typ,x5u claims		✓	N1.4
PASSPorT Payload	1024	attest, dest tn, iat, orig tn, origid claims		✓	N
STI Identity Header	2048	base64url string, alg, ppt claims		✓	N
Status for Verification	20	“verstat”=”TN-Validation-Passed” \| “No-TN-Validation” \| “TN-Validation-Failed”		✓	N
Verification Status	20	Response of the verification process		✓	N
Reason Header	40	“SIP;cause=302;text=\”no-fraud-detected\””		✓	N

STI Record Example

{

    "sequence-id": "000000002",

    "version": "N1.4",

    "record-type": "R",

    "session-id": "08742-01331234",

    "date": "2019-05-09 16:56:00",

    "passport-header":

{"alg":"RS256","ppt":"shaken","typ":"passport","x5u":"https://ca-auth1.sansay.com/sansay.crt"},

"passport-payload":

{"attest":"A","dest":{"tn":["8587542213"]},"iat":1557446160,"orig":{"tn":"3022002001"},"origid":"730014cd-0900-11e0-b5dd-001e67086918"},

    "identity-header":

"eyJhbGciOiJSUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9jYS1hdXRoMS5zYW5zYXkuY29tL3NhbnNheS5jcnQifQ.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyI4NTg3NTQyMjEzIl19LCJpYXQiOjE1NTc0NDYxNjAsIm9yaWciOnsidG4iOiIzMDIyMDAyMDAxIn0sIm9yaWdpZCI6IjczMDAxNGNkLTA5MDAtMTFlMC1iNWRkLTAwMWU2NzA4NjkxOCJ9.p-PZsls5DD2xUtuOiw24_avxSSeQnJWuWEjyJxSp2qmaWN0YACxBVF8WFSuPjTSSfGg-AfbBzl6DabsTxbzfX3A6ks3MabneO0cf9-nJIym7b9EoY66VcGW4wymWoK4RlkG_WS2Im5VWs0fBzCBEpD4-o25v9_Y5Midal4yvJRAsG6WEDjgf0BRdCl09RizzgY1EEkJACqQSWGFHq1_Y57UhRQPJN_rTG4ORvyF9u6-3EYHNTp4UY-VbinWp7EPPuIOq_qIUaCJpPW6cDqd76ni_GZAmnRqQubzF6XPZFko7UM3EyR19XrmrymZ3HCxUr5MD5MmL8prjSQvlx0eaNQ;info=<https://ca-auth1.sansay.com/sansay.crt>;alg=RS256;ppt=\"shaken\""

}


{

"sequence-num": "117408960",

"version": "N1.4",

"record-type": "R",

"session-id": "4-277",

"date": "2020-12-24 06:48:59",

"passport-header":

{"alg":"ES256","ppt":"shaken","typ":"passport","x5u":"https://cr.sansay.com/r2_es256_1127.crt"},

"passport-payload":

{"attest":"A","dest": {"tn":["1777"]}, "iat":1608792539,"orig": {"tn":"166223"},"origid":"564dd3e6-2d18-f79c-343c-2aa5bf476e81"},

"identity-header":

"eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9jci5zYW5zYXkuY29tL3IyX2VzMjU2XzExMjcuY3J0In0.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxNzc3Il19LCJpYXQiOjE2MDg3OTI1MzksIm9yaWciOnsidG4iOiIxNjYyMjMifSwib3JpZ2lkIjoiNTY0ZGQzZTYtMmQxOC1mNzljLTM0M2MtMmFhNWJmNDc2ZTgxIn0.pFuBXO0fsqR3VkBWyRndVQNmtp59Khna4lvXkOOv2yUY9LVepmKABVzj0SnozEM7YsI3tKzoH-TsB0uV1Bfkmw;info=<https://cr.sansay.com/r2_es256_1127.crt>;alg=ES256;ppt=\"shaken\"",

"verstat": "TN-Validation-Passed",

"verify-response": "SVMP_OK",

"reason-header": "SIP;cause=302;text=\"no-fraud-detected\"" }

QDR File Field Description

Parameter	Max ASCII Characters	Description	QDR File	STI File	Included in Version
SessionID	32	Unique ID assigned to the query by the ROME system.	✓	✓
Start Date Time	32	Date and Time when the query entered the system in MySQL format. This is the local date and time.	✓	✓
Process time in msecs	6	Process time in milliseconds	✓
Minutes West of Greenwich Mean Time (String)	4	Used to calculate the absolute time (0-1440).	✓
Origination Query Mode (String)	6	“STI-AS” or “STI-VS”	✓		N1.4
Origination Query Protocol (String)	6	“SIP” or “REST”	✓		N1.4
Origination Source Host Name	128	FQDN or IP address for source SBC	✓
Origination Trunk ID String	6	Trunk ID of the origination SBC	✓
Origination Service Port	6	Service Port Number of the source SBC	✓
Reserved	1	Reserved A	✓
Origination Source Number (see ANI input selection)	41	‘0-9’,’+’, “none”	✓
Input Selection (ANI input selection)	10	‘PCHARGEINFO’: P-Charge-Info was used ‘RPID’: Remote Party Identification was used ‘PAI’: P-Asserted-Identity was used ‘JIP’: Jurisdiction Information Parameter was used ‘ANI’: ANI was used	✓
Origination Destination Number (DNIS)	41	‘0-9’,’+’, “none”	✓
Reserved	1	Reserved B	✓
Origination Query ID	128	Unique ID for the query from the SBC	✓
Release Cause Description	32	Release cause string	✓
Release Cause Value	4	Value of release cause (decimal)	✓
Epoch Time	16	Number of seconds elapsed since 1970-01-01	✓
Reserved (used to be Algorithm Used)	1	Reserved C	✓
Reserved	1	Reserved D	✓
Reserved	1	Reserved E	✓
Reserved	1	Reserved F	✓
Reserved	1	Reserved G	✓
Reserved	1	Reserved H	✓
Reserved	1	Reserved I	✓
Status	20	authstat= [0 \| 1] Or verstat=TN-Validation-Success(0), No-TN-Validation(1), TN-Validation-Failed(2)	✓		N1.4

QDR Record Example

185407447;N1.4;R;0-9;2019-04-26 04:57:39;40;0;STI_AS;10.10.2.91;1;1;;3022002002;ANI;8323456781;;1-4795@10.10.2.91;Moved Temporarily;0302;;;;;;;;1556254659;1;


185407447;N1.4;R;0-9;2019-04-26 04:57:39;40;0;STI_VS;10.10.2.91;1;1;;3022002002;ANI;8323456781;;1-4795@10.10.2.91;Moved Temporarily;0302;;;;;;;;1556254659;TN-Validation-Passed;

QDR Download

QDRs can be downloaded via SSH, SCP and SFTP. QDRs are accessed using the 'qdr' username. The QDR user password is configured via GUI:

Only whitelisted IPs (System > Trusted Hosts) will be able to establish a SSH/SFTP connection.

Optional: SSH keys setup

If you wish to use ssh keys to access the system you would also need to do the following:

Create a .ssh directory in /home/qdr/:
     mkdir /home/qdr/.ssh
Add an authorized_keys file to the .ssh directory with permissons of 600:
    touch /home/qdr/.ssh/authorized_keys
    chmod 600 /home/qdr/.ssh/authorized_keys
Then you need to generate a key on the remote system (below is linux example):
    ssh-keygen -t rsa
    ssh-copy-id qdr@1.2.3.4 (replace 1.2.3.4 with IP of the Sansay)