All carriers must get their STIR/SHAKEN certificate by June 30th!
Hey all, I just wanted to send out a reminder that the drop dead date for all carriers to get THEIR OWN STIR/SHAKEN certificate is coming up on June 30th. You can still have an underlying carrier sign your calls for you, but they must sign with YOUR token......not their own! You have to register with the STI-PA to start the process at this link: https://authenticatereg.iconectiv.com/register You must have your own IPES Company Code (aka OCN) and 499 filer ID to get a STIR/SHAKEN certificate. Just getting the certificate can take up to several weeks so please don't wait until the last minute to get one. I would hate to see anyone's network get shut down because they aren't signing their calls as per the FCC guidelines. MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111
Hi Mary Lou, Thank you for this. A stupid - and certainly belated - question: how exactly is a carrier defined, in the letter of the regulations underlying this deadline? Or to put it another way: who, as a VoIP service provider of one sort or another, _doesn't_ have to get their own token? -- Alex
On May 31, 2023, at 1:46 PM, Mary Lou Carey via VoiceOps <voiceops at voiceops.org> wrote:
Hey all,
I just wanted to send out a reminder that the drop dead date for all carriers to get THEIR OWN STIR/SHAKEN certificate is coming up on June 30th. You can still have an underlying carrier sign your calls for you, but they must sign with YOUR token......not their own! You have to register with the STI-PA to start the process at this link:
https://authenticatereg.iconectiv.com/register
You must have your own IPES Company Code (aka OCN) and 499 filer ID to get a STIR/SHAKEN certificate. Just getting the certificate can take up to several weeks so please don't wait until the last minute to get one. I would hate to see anyone's network get shut down because they aren't signing their calls as per the FCC guidelines.
MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
-- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800
Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate. My understanding is that only those who provide PSTN-only voice services do not need to have their own STIR/SHAKEN token because the technology still does not support it. Mary Lou Carey (615) 796-1111 MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 On 2023-05-31 02:11 PM, Alex Balashov wrote:
Hi Mary Lou,
Thank you for this.
A stupid - and certainly belated - question: how exactly is a carrier defined, in the letter of the regulations underlying this deadline? Or to put it another way: who, as a VoIP service provider of one sort or another, _doesn't_ have to get their own token?
-- Alex
On May 31, 2023, at 1:46 PM, Mary Lou Carey via VoiceOps <voiceops at voiceops.org> wrote:
Hey all,
I just wanted to send out a reminder that the drop dead date for all carriers to get THEIR OWN STIR/SHAKEN certificate is coming up on June 30th. You can still have an underlying carrier sign your calls for you, but they must sign with YOUR token......not their own! You have to register with the STI-PA to start the process at this link:
https://authenticatereg.iconectiv.com/register
You must have your own IPES Company Code (aka OCN) and 499 filer ID to get a STIR/SHAKEN certificate. Just getting the certificate can take up to several weeks so please don't wait until the last minute to get one. I would hate to see anyone's network get shut down because they aren't signing their calls as per the FCC guidelines.
MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
On May 31, 2023, at 3:45 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote:
Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate
I hate to press this point further, but must: what exactly are originating VoIP "services"? -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800
Anytime your customer uses a DID or Telephone Number to make a phone call to another party, that is an originating voice service. If the network you use / lease operates via a VOIP (Voice Over Internet Protocol) switch then you must have a STIR / SHAKEN certificate. If the underlying carrier you use has a direct trunking connection with the local ILEC / RBOC then you're most likely delivering via a PSTN connection. MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 On 2023-05-31 02:47 PM, Alex Balashov wrote:
On May 31, 2023, at 3:45 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote:
Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate
I hate to press this point further, but must: what exactly are originating VoIP "services"?
I once again hate to press this point further, but what exactly is meant by "your customer uses" and "another party"? I don't mean this from a place of needless pedantry: there's a legitimate question here around what the limits of this concept are. Does the customer have to be human, and do the calls placed have to be manually dialed or automatically dialed on behalf of a human caller or agent of some sort? How "other" does the "another party" have to be? For example, where would a (legitimate) outbound dialing service, such as an appointment reminder or other business automation service, fall on this spectrum? Since the beneficiaries of such an offering are third parties, presumably it is safe to say that the service provider is providing an originating voice service to a "customer" who "uses" it to make calls to "another party" not themselves. But what about companies who are themselves internal consumers of such a service, i.e. have an in-house telephony apparatus of some sort? What if the outbound calling is to members of one's own organisation and not to other parties, but on their personal mobiles? I suppose I was never quite sure where the delineation for "interconnected VoIP provider" or "VoIP service provider" falls. I have a commonsensical idea of what that is, and in most cases whether a company is inside or outside this bracket is fairly self-evident. However, for purposes of this regulation, that may not be enough. -- Alex
On May 31, 2023, at 4:03 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote:
Anytime your customer uses a DID or Telephone Number to make a phone call to another party, that is an originating voice service. If the network you use / lease operates via a VOIP (Voice Over Internet Protocol) switch then you must have a STIR / SHAKEN certificate. If the underlying carrier you use has a direct trunking connection with the local ILEC / RBOC then you're most likely delivering via a PSTN connection.
MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111
On 2023-05-31 02:47 PM, Alex Balashov wrote:
On May 31, 2023, at 3:45 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote: Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate I hate to press this point further, but must: what exactly are originating VoIP "services"?
-- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800
The purpose of STIR/SHAKEN is to verify that the carrier knows their customer and that the customer is NOT making robocalls or fraudulent calls. It doesn't matter who the caller is or who the called party is. It matters that the call was made using a telephone number and that the type of network was VOIP or non-PSTN wireless. So All VOIP carriers not only need to have a Robocall Mitigation Plan in place. They need to get their OWN certificate/token assigned from an approved certificate authority company. It's easy to tell which carriers do not have their own certificate/token because when a certificate is assigned the carrier's name is listed on the STI-PA approved carrier list. https://authenticate.iconectiv.com/authorized-service-providers-authenticate Carriers who filed a robocall mitigation plan, but do not show up on the approved STI-PA approved carrier list are in danger of having their traffic shut down. Don't think the STI-PA will not notice or do anything! If you want to play Russian Roulette with your network, no one can stop you but I would highly suggest registering for a certificate if you haven't gotten one yet. In the last year, I've had several companies come to me that were contacted by the STI-PA and given 30 days to get their own certificate assigned. Filing a Robocall Mitigation Plan is not enough! You have to get your own token assigned! June 30, 2023 is NEXT MONTH so if you don't have it done, you don't have any time to waste! MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 On 2023-05-31 03:13 PM, Alex Balashov wrote:
I once again hate to press this point further, but what exactly is meant by "your customer uses" and "another party"?
I don't mean this from a place of needless pedantry: there's a legitimate question here around what the limits of this concept are. Does the customer have to be human, and do the calls placed have to be manually dialed or automatically dialed on behalf of a human caller or agent of some sort? How "other" does the "another party" have to be?
For example, where would a (legitimate) outbound dialing service, such as an appointment reminder or other business automation service, fall on this spectrum? Since the beneficiaries of such an offering are third parties, presumably it is safe to say that the service provider is providing an originating voice service to a "customer" who "uses" it to make calls to "another party" not themselves.
But what about companies who are themselves internal consumers of such a service, i.e. have an in-house telephony apparatus of some sort?
What if the outbound calling is to members of one's own organisation and not to other parties, but on their personal mobiles?
I suppose I was never quite sure where the delineation for "interconnected VoIP provider" or "VoIP service provider" falls. I have a commonsensical idea of what that is, and in most cases whether a company is inside or outside this bracket is fairly self-evident. However, for purposes of this regulation, that may not be enough.
-- Alex
On May 31, 2023, at 4:03 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote:
Anytime your customer uses a DID or Telephone Number to make a phone call to another party, that is an originating voice service. If the network you use / lease operates via a VOIP (Voice Over Internet Protocol) switch then you must have a STIR / SHAKEN certificate. If the underlying carrier you use has a direct trunking connection with the local ILEC / RBOC then you're most likely delivering via a PSTN connection.
MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111
On 2023-05-31 02:47 PM, Alex Balashov wrote:
On May 31, 2023, at 3:45 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote: Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate I hate to press this point further, but must: what exactly are originating VoIP "services"?
Every voice service provider is required to file an RMDB certification indicating your SHAKEN implementation status and file a robocall mitigation plan if you have not certified that you have completely implemented SHAKEN. "Voice service" is defined here: https://www.ecfr.gov/current/title-47/chapter-I/subchapter-B/part-64/subpart...) If you have fewer than 100,000 subscribers and are a facilities-based service provider, then you have an extension for when SHAKEN must be implemented. This extension ends on June 30th, 2023. If you have calls that leave your network via non-SIP signaling, then you have an extension for when SHAKEN must be implemented. This extension currently does not have an end date. You must explicitly claim your extension(s) in your robocall mitigation plan. Note that in the near future, all voice service providers will be required to file a robocall mitigation plan, regardless of SHAKEN implementation status. See https://www.ecfr.gov/current/title-47/chapter-I/subchapter-B/part-64/subpart... for more information. - Alec ________________________________ From: VoiceOps <voiceops-bounces at voiceops.org> on behalf of Alex Balashov via VoiceOps <voiceops at voiceops.org> Sent: Wednesday, May 31, 2023 15:47 To: Mary Lou Carey <marylou at backuptelecom.com> Cc: voiceops at voiceops.org <voiceops at voiceops.org> Subject: Re: [VoiceOps] All carriers must get their STIR/SHAKEN certificate by June 30th!
On May 31, 2023, at 3:45 PM, Mary Lou Carey <marylou at backuptelecom.com> wrote:
Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate
I hate to press this point further, but must: what exactly are originating VoIP "services"? -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fevaristesys.com%2F&data=05%7C01%7Calec.fenichel%40transnexus.com%7C572ef648327a447f2bad08db620ff53b%7C8e2972a2d21d49acb00518e8ceaadee3%7C0%7C0%7C638211592938356306%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=3f38XhxySROiJ6npB%2BBzI3UmO1V26LKcJ56dP02wQ8Q%3D&reserved=0<https://evaristesys.com/> Tel: +1-706-510-6800 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuck.nether.net%2Fmailman%2Flistinfo%2Fvoiceops&data=05%7C01%7Calec.fenichel%40transnexus.com%7C572ef648327a447f2bad08db620ff53b%7C8e2972a2d21d49acb00518e8ceaadee3%7C0%7C0%7C638211592938356306%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=saWmyhymBIuTLRe2EXLVHgOGdvBzfH9rbGAH64j9TP0%3D&reserved=0<https://puck.nether.net/mailman/listinfo/voiceops>
There was an extension for "small" providers (under 100k lines) ends on June 30, 2023. That extension was basically was targeting rural LECs. It was amended so it only included those who have physical infrastructure to their clients. Those who do not operate such legacy infrastructure are supposed to be signing their calls as of June 30, 2022. There are further "gateway" orders about how any operator is supposed to handle calls arriving on their network that are not signed. Michael Graves mgraves at mstvp.com o: (713) 861-4005 c: (713) 201-1262 sip:mgraves at mjg.onsip.com -----Original Message----- From: VoiceOps <voiceops-bounces at voiceops.org> On Behalf Of Mary Lou Carey via VoiceOps Sent: Wednesday, May 31, 2023 2:46 PM To: Alex Balashov <abalashov at evaristesys.com> Cc: voiceops at voiceops.org Subject: Re: [VoiceOps] All carriers must get their STIR/SHAKEN certificate by June 30th! Importance: High Any carrier that provides originating VOIP or a combination of originating VOIP / PSTN / Wireless VOICE services needs to get its own certificate. My understanding is that only those who provide PSTN-only voice services do not need to have their own STIR/SHAKEN token because the technology still does not support it. Mary Lou Carey (615) 796-1111 MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 On 2023-05-31 02:11 PM, Alex Balashov wrote:
Hi Mary Lou,
Thank you for this.
A stupid - and certainly belated - question: how exactly is a carrier defined, in the letter of the regulations underlying this deadline? Or to put it another way: who, as a VoIP service provider of one sort or another, _doesn't_ have to get their own token?
-- Alex
On May 31, 2023, at 1:46 PM, Mary Lou Carey via VoiceOps <voiceops at voiceops.org> wrote:
Hey all,
I just wanted to send out a reminder that the drop dead date for all carriers to get THEIR OWN STIR/SHAKEN certificate is coming up on June 30th. You can still have an underlying carrier sign your calls for you, but they must sign with YOUR token......not their own! You have to register with the STI-PA to start the process at this link:
https://authenticatereg.iconectiv.com/register
You must have your own IPES Company Code (aka OCN) and 499 filer ID to get a STIR/SHAKEN certificate. Just getting the certificate can take up to several weeks so please don't wait until the last minute to get one. I would hate to see anyone's network get shut down because they aren't signing their calls as per the FCC guidelines.
MARY LOU CAREY BackUP Telecom Consulting Office: 615-791-9969 Cell: 615-796-1111 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
participants (4)
-
abalashov@evaristesys.com -
alec.fenichel@transnexus.com -
marylou@backuptelecom.com -
mgraves@mstvp.com