Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server
|Publication Date:||1 May 2018|
This technical report defines a Representational State Transfer (REST)ful interface that can be used in the Signature based Handling of Asserted information using toKENs (SHAKEN) framework to sign and verify telephony identity:
• Secure Telephone Identity Authentication Service (STI-AS) exposes an Applications Programming Interface (API) to sign the provided Personal Assertion Token (PASSporT) which includes the SHAKEN extension as defined in [draft-wendt-stir-pa
• Secure Telephone Identity Verification Service (STI-VS) exposes an API to verify the signed Secure Telephone Identity (STI) according to procedures defined in IETF RFC 8225.
The only algorithm currently supported by this API is ES256.
The data set defined in this document could be expanded to accommodate other data types as needed (e.g., other PASSPort extensions that may need to be supported).