appliedbits
FIELD NOTES PUBLISHED
PUBLISHED 2026-05-24

STIR certificate transparency draft heads for Proposed Standard

IETF STIR WG announce  ·  Russ Housley (via IETF Datatracker)  ·  May 18, 2026  ·  source ↗

Russ Housley has requested publication of draft-ietf-stir-certificate-transparency-02 as a Proposed Standard, on behalf of the STIR working group. The request hit the STIR list on May 18 and moves the document to the next step in the IETF process; the datatracker entry tracks its state.

Disclosure: I’m one of the co-authors of this draft — so read what follows as an interested party’s note, not a neutral one.

Certificate transparency for STIR brings the same auditable-log idea that hardened the web PKI to the certificates underpinning SHAKEN call signing. If a STIR signing certificate is mis-issued or abused, transparency logs make that detectable rather than silent — a meaningful addition to the trust model now that attestation is load-bearing for caller ID.

STIR/SHAKEN’s soft spot has always been the certificate layer: who is allowed to sign, and whether anyone notices when the wrong party does. Transparency logging is exactly the kind of unglamorous plumbing that decides whether the system is actually trustworthy or merely deployed.

Tagsstir-shakencertificate-transparencyietf