Trust & Security

RFC 8224 (Authenticated Identity in SIP)

RFC 8224 is the IETF specification that defines the Identity SIP header for cryptographically signing the asserted caller-ID. It is the foundation of STIR/SHAKEN.

What it specifies

RFC 8224 obsoletes RFC 4474. It defines:

The Identity header field syntax (a JWS-signed token).
The info parameter (URL to the signing certificate).
How to canonicalize the SIP request before signing (so intermediaries don't break the signature).
How verifying entities fetch the cert, verify the JWS, and act on the result.

Required headers in the signed payload

{
  "alg": "ES256",
  "ppt": "shaken",       // RFC 8588: the SHAKEN PASSporT extension
  "typ": "passport",
  "x5u": "https://cert.didhub.io/shaken.crt"
}
{
  "attest": "A",         // attestation level
  "dest":   { "tn": ["15557654321"] },
  "iat":    1700000000,
  "orig":   { "tn": "15551234567" },
  "origid": "abc123"     // unique call ID, for trace-back
}

Companion RFCs

Related terms

STIR/SHAKEN

Attestation Levels (A, B, C)

SIP INVITE

Ready to get a number?

Pick a DID in 130+ countries from $1.99/month. Activates instantly on most numbers.

Browse numbers Talk to sales