The Internet Engineering Task Force are the authoritative source on how to implement things that are used over the internet. The Relevant RFCs to STIR/SHAKEN are below:

  • RFC8224 - Adds the 'Identity' field to the SIP RFC, which contains a PASSporT (a JWT), and defines how an Authentication Service should behave
  • RFC8225 - Defines the PASSPorT JWT Token Format
  • RFC8226 - Defines the method of creating/validating PASSporT signatures
  • RFC8588 - How to implement SHAKEN

Related RFCs, not directly related to SHAKEN/STIR

  • RFC7519 - JSON Web Tokens
  • RFC3261 - The original SIP RFC. Note there are many RFCs referenced as Updates, which should additionally be consulted

ATIS Documents

The Alliance for Telecommunications Industry Solutions (ATIS) has defined various standards for the implementation of the IETF RFCs above.

Policy Documents and OIDs

The officially allocated OIDs by relevant authorities