Toll-Free Number Assignment and Administration – SHAKEN/STIR Delegate Certificates Enterprise Origination Julio Armenta jarmenta@somos.com 844-439-2763 October 3rd 2019

SOMOS Somos operates the SMS/800 Toll-Free Number (TFN) Registry, the database for the management and administration of Toll-Free Numbers in the North American Numbering Plan (NANP). The Toll-Free Number database is accessed by Toll-Free Service Providers (also known as Responsible Organizations, Resp Orgs) for reserving and managing Toll-Free Numbers. ATIS-0417001-003 Industry Guidelines for Toll-Free Number Administration.

Toll-Free Number Assignment Process SP Reserves Toll-Free Number Routing Information Routing Data Customer selects a Resp Org and asks for a TFN. Resp Org reserves a TFN from the pool of available numbers in the SMS/800 TFN Registry. The TFN is marked as assigned to the Resp Org. Resp Org also provisions routing information. Routing data is delivered to Routing DB Providers and used by SPs to route calls. Resp Org works with Transit Networks and SPs to setup the Toll-Free service. Enterprise is able to receive Toll-Free calls and make calls using the TFN as call back number. 2 3 3 Resp Org (800-555-1212) Routing DB Providers 1 4 SP Transit Network 5 5 5 Enterprise Customer

Responsible Organization (Resp Org) Resp Org has been designated by the FCC as the agent for the subscriber to obtain, manage and administer Toll-Free Numbers and provide routing reference information in the SMS/800 Toll-Free Number (TFN) Registry. Reservation, assignment, or activation of Toll-Free Numbers may only be made by a Resp Org based upon negotiations with a specific prospective Customer. Toll-Free Numbers are assigned by Resp Orgs to their Customers from a common pool of available numbers.

Process To Become A Responsible Organization (Resp Org) The process entails the following: Online application (deposit): Any person, company, or organization that can demonstrate the required skills and financial responsibility for managing Toll-Free Numbers can apply to become a Toll-Free Service Provider (Resp Org) in the SMS/800 Toll-Free Number Registry. Training. Attend a SMS/800 Toll-Free Number Registry class or self-train with materials about Toll- Free. Successful completion of an exam on Toll-Free Industry practices. Exam on knowledge of customer records, number administration, and service provisioning. After the exam is passed, the applicant will be certified as a Toll-Free Service Provider (Resp Org). A Resp Org ID will be assigned.

Resp Org Identification (Resp Org ID) Each Resp Org is identified by a 5 character code (Resp Org ID) provided by the SMS/800 Toll-Free Number (TFN) Registry administrator. Every Toll-Free Number reserved in the SMS/800 Toll-Free Number (TFN) Registry must have an associated Resp Org ID. The SMS/800 Toll-Free Number (TFN) Registry Help Desk maintains the contact information associated with each operational Resp Org ID.

SHAKEN/STIR Delegate Certificate Management Framework For Enterprises/Business Entities Telephone Number Provider (TN Provider): An entity that is authoritative over a set of telephone numbers, and that can delegate a subset of those telephone numbers to another entity to attest for signing. TN Provider is authorized by the STI-PA to obtain end-user certificates from an STI-CA. Enterprise Customers use Toll-Free numbers as callback number for contacting customers. Responsible Organizations (Resp Orgs) are the TN Providers for Toll-Free Numbers.

Toll-Free Number Enterprise Originating Call Originating SP and Resp Org are different entities. Resp Org reserves 8005551212 from the pool of available numbers in the SMS/800 TFN Registry. Resp Org assigns 8005551212 to Enterprise Customer. Enterprise calls 5553214321 using 8005551212 as caller ID. Reserves Toll-Free Number Routing Information Resp Org (800-555-1212) SIP INVITE To: +15553214321 From: +18005551212 Originating SP Terminating SP Enterprise Customer

Recommendation Authorize Resp Orgs to obtain end-user certificates from an STI-CA under the Delegate Certificate framework. Authorize the use of the Resp Org ID to obtain SPC tokens.

Delegate Certificate For Toll-Free Number Example Example Use Case: TNSP-a as RespOrg (with Resp Org ID JTN01) assigns TFN 1-800-555-1212 to Enterprise CAF-1 Cert Management Procedure: 0) Subordinate CA (hosted by the Resp Org) obtains SPC Token from STI-PA (SPC=JTN01) Subordinate CA obtains delegate CA cert from STI-CA Subordinate CA issues delegate EE cert to CAF-1 (TN = 1-800-555-1212) When verifying PASSporTs signed by delegate EE cert… STI-VS recognize that delegate CA cert TNAuthList contains a 5-character RespOrg ID STI-VS can therefore verify that calling TFN is in-scope of delegate CA cert. STI-CA STI-CA Root Certificate Issuer: STI-CA Subject: STI-CA STI-CA public key Signature CA intermediate/root cert TFN Registry 1) Issue delegate CA certificate RespOrg (TNSP-a) Delegate CA Certificate Issuer: STI-CA Subject: TNSP-a Basic Constraints: cA = true TNAuthList SPC = JTN01 TNSP-a public key Signature Certificate path Subordinate CA Delegate CA cert 2) Issue delegate end-entity certificate Constrains Scope Delegate end-entity Certificate Issuer: TNSP-a Subject: CAF-1 TNAuthList TN = 1-800-555-1212 CAF-1 public key Signature VoIP Entity (CAF-1) Delegate end-entity cert

Thank you.