Liviu Chircu liviu at opensips.org
Mon Dec 2 23:56:08 EST 2019

On 03.12.2019 03:59, volga629 via Users wrote:
> If call from originator is being replaced by middle with same source 
> and destination and change Identity  header with keys and certificate 
> location is possible that terminator will authorize it ?

Hi Volga,

Yes, it is perfectly possible to rebuild the Identity header and 
re-attribute the
asserted source/destination to yourself.  In order to do this, you only 
need to own
an officially recognized STIR/SHAKEN X509 cert along with its private 
key, issued by
a STIR/SHAKEN certification authority.

So, while this is possible, I don't see why anyone in their right mind 
would do it.
Doing so would jeopardize the image of the carrier, putting their 
business at risk.
It's similar to how public IP routing in the internet works: any ISP 
could MITM any
piece of traffic, yet none do.  Or do they? :)

Best regards,

Liviu Chircu
OpenSIPS Developer

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20191203/c20acf6b/attachment.html>

More information about the Users mailing list