liviu at opensips.org
Tue Dec 3 08:48:43 EST 2019
On 03.12.2019 15:39, volga629 via Users wrote:
> Thank you reply, so any bad actor can't use as example with self sign
> certificates ? So digital signature must be produced from well known
> authorized CA certificate key pair ?
Correct. The bad actor's self-signed X509 STIR/SHAKEN certificate can
distinguished from an officially recognized one (exactly like HTTPS certs).
> Can you point on one of the well know CA authority which authorized
> for SHAKEN/STIR.
The last known info I have is this  "call for certification
authorities", back in
July. I'm not sure whether the deadline is over, or if any CAs have
started popping up,
but from what I just searched, things haven't progressed much.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users