scope:

The Signature-based Handling of Asserted information using toKENs (SHAKEN) framework enables a SHAKEN-authorized Voice over Internet Protocol (VoIP) Service Provider to deliver cryptographically protected attestation, via SIP signaling, that the calling user is authorized to use the calling telephone number. This specification extends the SHAKEN framework to enable conveyance of verified "shaken" attestation levels over Time Division Multiplexing (TDM) interconnects.

ATIS-1000097, Technical Report on Alternatives for Caller Authentication for Non-IP Traffic, which evaluates the viability of implementing this call authentication mechanism for TDM networks, should be considered along with this specification.

The mechanisms specified in this document are based on ITU Q.763 (12/1999), Signalling System No. 7 - ISDN user part formats and codes, rather than ATIS-1000113, Signaling System No. 7 (SS7) - Integrated Services Digital Network (ISDN) User Part. However, a similar approach could be used for ATIS ISUP, taking into consideration that the parameters, code values, and procedures of ATIS ISUP are different from ITU-T ISUP and are not specified in this document.

Purpose

The current SHAKEN framework provides a set of tools that enable verification of the calling party's authorization to use a calling telephone number for a call. It assumes that the SIP Identity header can be carried end-to-end between Originating Service Providers (OSPs) and Terminating Service Providers (TSPs). Currently this is not always possible due to the use of TDM-based signaling at various segments of the end-to-end signaling path.

The mechanisms described in this document address this problem by carrying verified "shaken" attestation levels over TDM signaling.