HTTP/2 200 date: Tue, 07 Oct 2025 07:22:45 GMT content-type: text/plain; charset=utf-8 content-encoding: gzip content-security-policy: default-src 'self' 'unsafe-inline' data: https://datatracker.ietf.org/ https://www.ietf.org/ https://ietf.org/ https://analytics.ietf.org https://static.ietf.org; frame-ancestors 'self' ietf.org *.ietf.org meetecho.com *.meetecho.com cross-origin-opener-policy: unsafe-none etag: W/"95f8f8747f97a7a7b1ddd842d677958a" referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=3600; includeSubDomains vary: Cookie, Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN cf-cache-status: MISS expires: Tue, 07 Oct 2025 11:22:45 GMT cache-control: public, max-age=14400 set-cookie: __cf_bm=LrTe4TzgYFVlFteo7vEJFomshbvnVojbiYhUOPsuDUg-1759821765-1.0.1.1-L_UK0dUE2Gl0BJGTyjxfZP1zSE4Np6MvPgB8uaSKeNo6.bT2kMo80_JWdzaIfq8H9vcJQdXt01IPF2FXBbSUmFmGuxGRf7x1dm3XfCrEQ4g; path=/; expires=Tue, 07-Oct-25 07:52:45 GMT; domain=.ietf.org; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 98aba62ebdecad8b-BLR alt-svc: h3=":443"; ma=86400 @misc{rfc7340, series = {Request for Comments}, number = 7340, howpublished = {RFC 7340}, publisher = {RFC Editor}, doi = {10.17487/RFC7340}, url = {https://www.rfc-editor.org/info/rfc7340}, author = {Jon Peterson and Henning Schulzrinne and Hannes Tschofenig}, title = {{Secure Telephone Identity Problem Statement and Requirements}}, pagetotal = 25, year = 2014, month = sep, abstract = {Over the past decade, Voice over IP (VoIP) systems based on SIP have replaced many traditional telephony deployments. Interworking VoIP systems with the traditional telephone network has reduced the overall level of calling party number and Caller ID assurances by granting attackers new and inexpensive tools to impersonate or obscure calling party numbers when orchestrating bulk commercial calling schemes, hacking voicemail boxes, or even circumventing multi-factor authentication systems trusted by banks. Despite previous attempts to provide a secure assurance of the origin of SIP communications, we still lack effective standards for identifying the calling party in a VoIP session. This document examines the reasons why providing identity for telephone numbers on the Internet has proven so difficult and shows how changes in the last decade may provide us with new strategies for attaching a secure identity to SIP sessions. It also gives high-level requirements for a solution in this space.}, }