<div dir="ltr">On the inbound side, a carrier would perform the STI-VS (verification service) to derive the attestation from the passport and handle the call according to local policy. An intermediate carrier can't really "reattest" the call because being an intermediate,they likely can't attest to the validity of the end user. As STIR/SHAKEN stands today, the identity header doesn't do much other than provide a place to "point the finger" when a caller is being TRACEDback. That's a huge step forward from where we've been, but it really doesn't do much for name or number presentation (today). <div><br></div><div>I'm not aware of a 302 script out there, but you didn't really specify if you want to be the redirect server or if you want to consume the 302 from another service. If you haven't seen it yet, the "self-signed" stir/shaken post is a great walkthrough on how to set it up. It's worth a go to understand the pieces. However, know that there are no carriers that will accept self-signed certificates. To make this work in the wild, you will need a certificate from a STI-CA. </div><div><br></div><div><div><a href="https://blog.opensips.org/2022/10/31/how-to-generate-self-signed-stir-shaken-certificates/">https://blog.opensips.org/2022/10/31/how-to-generate-self-signed-stir-shaken-certificates/</a><br></div><div><br></div></div><div><br></div><div>-Brett</div><div><br><div><br></div><div><br></div><div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 21, 2023 at 4:01 AM johan <<a href="mailto:johan@democon.be">johan@democon.be</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">1. In the case that you are intermediate provider and the call comes in <br>
with identity header, can you then juste USE the identity coming in or <br>
do you need to reattest.<br>
<br>
2. is there somewhere a mini script.cfg which is doing stir/shaken magic <br>
with 302 redirect ?<br>
<br>
<br>
wkr,<br>
<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</blockquote></div>