Calling Party Identity Douglas Ranalli Founder, Chief Strategy Officer NetNumber, Inc. dranalli@netnumber.com Calling Party Identity Enhancing SHAKEN attestation and verification with optional calling-party Identity-Header with RCD PASSPorT

High Level Objectives First-Class Treatment for Enterprises: Give the industry a tool within the SHAKEN framework to help enterprise customers with complex calling use-cases to achieve A-Level attestation. Enterprise Defined CNAM: Enable enterprise customers with complex use-cases to define their preferred calling-name display on a call- by-call basis. Keep it simple: Start with the smallest possible addition to the SHAKEN framework to enable the industry to begin working on complex enterprise call origination use-cases.

Proposal Summary Add support in SHAKEN framework for optional ”additional” identity header signed by the calling-party using a Service-Provider delegated certificate. Calling-party identity header provides information to Originating-SP that optionally informs local policy attestation. No change to role defined for Originating-SP Calling-party identity header with rcd PASSPorT provides additional information to Terminating-SPs that optionally informs analytics and CVT functions. No change to roles defined for Terminating-SP

Why Additional Identity-Header? RFC 8224 already defines support for multiple identity-headers. No new standardization required. Optional calling-party identity header adds to the baseline SHAKEN framework without changing the framework. Simple tool that the industry can use to begin working on enterprise use cases today.

Why Service-Provider Delegated Certificates? RFC 8226 already defines role of delegated-certificates For TNs, Number-Blocks or for SPCs – anything allowed in TNAuthList Service-Provider is the regulated entity within SHAKEN framework that is responsible for TN assignment. Baseline SHAKEN A-Level attestation assumes Originating-SP is TN-Provider Service Provider that issued the TN provides valuable ”check and balance” within the SHAKEN framework SP can revoke certificate when TN assignment is changed. SP can revoke certificate when TN is used inappropriately. Issued certificates can be audited at the STI-CR to ensure validity of delegation

Proposal Advantages No new standardization required RFC 8224 supports multiple identity headers RFC 8226 supports TN/block level delegated certificates RCD PASSPorT is IETF Standards Track document: draft-ietf-stir-passport-rcd-04 No change to SHAKEN framework entities or roles No change to STI-PA, STI-CA, Originating-SP or Terminating-SP Calling party signature is optional tool that informs STI-AS and CVT functions Simple, but powerful, incremental enhancement that enables industry to begin innovating to address complex enterprise use-cases

Implementation Proposal New ATIS Document: “Calling-Party Identity to inform SHAKEN STI-AS and STI-VS services” Start with a simple first step – define optional calling-party identity header with RCD PASSPorT Empower the industry to begin PoC activities and learning. Evaluate further enhancements to the SHAKEN framework (if needed) based on learning