Share this page
  • TOPICS

STIR into Action

  • 6 Jan 2020

Providers of voice over IP in the United States will be required to implement the IETF’s Secure Telephony Identity Revisited (STIR) protocol as a result of recently enacted legislation to address some of the root causes of illegal robocalling on the telephone network.

As part of a broader package of reforms aimed at curbing the explosive growth of robocalls, providers of Session Initiation Protocol (SIP)-based services will be required to implement STIR, the base specification of which was published as RFC 8224 together, with extensions in RFCs 8225, 8226, and 8588. A recent IETF blog post by Jon Peterson provides additional details and background about how the STIR working group approached the problem of authenticating callers using SIP-based services.

The same legislation will require providers of voice services to “take reasonable measures to implement an effective call authentication framework in the non-Internet protocol networks of the provider of voice service.” The STIR working group has been considering this issue as well. Its “STIR Out-of-Band Architecture and Use Cases” document was submitted last month to the Internet Engineering Steering Group for consideration to be published as an IETF RFC. You can find more information about the STIR working group and its work via the IETF Datatracker.