Last updated 2026-05-06

Trust governance — within-jurisdiction policies, enforcement, and cross-border frameworks

Trust frameworks for caller authentication are technical artifacts — protocols, certificates, signatures — but they only function within governance arrangements that decide who can participate, how they prove their entitlement to participate, and what happens when they violate the rules. The technical specification is one layer; the governance arrangement that operationalizes it is another. This section covers the second layer.

The scope is broader than it might initially seem. STIR/SHAKEN governance includes the obvious — STI-GA, STI-PA, the certificate authority hierarchy — but it also includes the regulatory accountability layer (the FCC’s caller-ID authentication rulemakings), the participation administration layer (RMD, Form 499, RespOrg, STI-PA service-provider accounts), the jurisdictional analogs in other countries (Canada’s CST-GA, deployments in France and other jurisdictions), and the cross-border coordination layer (the ITU-T trust-framework work, CB-TACL, the MoUs that allow trust to flow between jurisdictions). All of these together constitute trust governance.

I work across most of these layers. I co-chair the US STI-GA Technical Committee. I edit the E.RAA4Q.TSCA recommendation in ITU-T SG2; in SG11, I edit Q.VoIP-CLI, which I proposed as a new work item, and contribute text to Q.TSCA. I co-chair the CFCA Telecom Trust Working Group with Guy Pearson, where messaging-trust work is a particular focus. The framing here is from inside the work.

      ┌───────────────────────────────────────────────────────────┐
      │              CROSS-BORDER COORDINATION LAYER              │
      │                                                           │
      │  ATIS IP-NNI Joint Task Force (ATIS-1000087.v002)         │
      │  Bilateral MoUs (e.g., STI-GA ↔ CST-GA for US–Canada)     │
      │  ITU-T SG2/SG11/SG17 (E.RAA4Q.TSCA, Q.TSCA, CB-TACL)      │
      └───────┬─────────────────────┬─────────────────────┬───────┘
              │                     │                     │
              ▼                     ▼                     ▼
      ┌───────────────┐     ┌───────────────┐     ┌───────────────┐
      │ UNITED STATES │     │    CANADA     │     │    OTHERS     │
      │               │     │               │     │               │
      │ FCC           │     │ CRTC          │     │ France, UK,   │
      │ STI-GA        │     │ CST-GA        │     │ etc., at      │
      │ STI-PA        │     │ Canadian PA   │     │ various       │
      │ RMD, Form 499 │     │               │     │ deployment    │
      │ NANC/CATA     │     │               │     │ stages        │
      │ RespOrg       │     │               │     │               │
      └───────────────┘     └───────────────┘     └───────────────┘

      WITHIN-JURISDICTION GOVERNANCE — one stack per country

Within-jurisdiction governance

Each national trust framework has its own participation rules, enforcement mechanisms, and regulatory authority. The US framework is the most developed because the FCC has been most aggressive in mandating deployment, but other jurisdictions have analogous arrangements and the comparison is illuminating.

United States

The US framework’s institutional history runs through two governance bodies whose work this section catalogs separately. The FCC Robocall Strike Force (2016-2017) is where STIR and SHAKEN were combined into a single industry-endorsed framework with regulatory weight. The NANC Call Authentication Trust Anchor Working Group (2018-2024) then produced the consensus reports that established the STI-GA, defined SHAKEN best practices, and provided the substantive analysis behind nearly every major FCC caller-authentication rulemaking that followed. NANC was not rechartered in 2025; CATA dissolved with it. The reports remain authoritative.

The FCC’s caller-ID authentication rulemaking proceeding (WC Docket 17-97) has now produced eight Reports and Orders, with each successive R&O tightening the participation rules. The Robocall Mitigation Database (RMD) is the registry where all US voice service providers must file robocall mitigation plans; ejection from the RMD effectively cuts a provider off from authorized SHAKEN participation, and as of late 2025 the FCC has been actively pruning deficient RMD certifications. Form 499 filings establish a provider’s identity and revenue base for FCC purposes, and they’re a prerequisite for STI-PA registration. STI-PA service-provider accounts are the operational bridge between FCC registration and SHAKEN certificate issuance — the mechanism by which a provider proves its FCC-recognized status when obtaining authority tokens for ACME-based certificate issuance. RespOrg participation is the toll-free number administration regime, which intersects with SHAKEN through ATIS-1000093 and through the question of whose attestation applies when calls originate under toll-free numbers.

Canada

The CRTC has mandated SHAKEN deployment through proceedings paralleling the FCC’s. The Canadian Secure Token Governance Authority (CST-GA) plays the role analogous to the US STI-GA, and the Canadian PA is the operational counterpart to the US STI-PA. The CRTC procedures for handling provider compliance issues differ from the FCC’s; that comparison is its own subject.

France and other international deployments

International SHAKEN deployment has been advancing in parallel, with national regulators making their own decisions about whether and how to mandate caller authentication. France is one of the earlier candidate deployments and the contours of French regulatory engagement with the framework are worth tracking specifically; other European jurisdictions, the UK, and several Asian markets have parallel work in progress at varying stages.

Per-country pages will cover each jurisdiction’s specifics. The US apparatus has the most surface area to document — RMD, Form 499, STI-PA, RespOrg — and those pages will go first.

Cross-border frameworks

Trust frameworks designed for one jurisdiction don’t naturally interoperate with another. The cross-border layer is where the work happens to make them coordinate.

The primary work is at the ATIS/SIP Forum IP-NNI Joint Task Force, where the cross-border architecture for SHAKEN was developed, and the primary specification is ATIS-1000087.v002, Initial Cross-Border SHAKEN, which defines the certificate format, the trust-anchor list mechanics, and the operational arrangements that let a SHAKEN-signed call cross from one national framework to another and have the signature accepted on the receiving side. The version reference matters; v002 is the current operational version and earlier drafts predate the deployment work.

The primary deployed instance is US–Canada. The STI-GA and CST-GA signed an MoU — the first bilateral arrangement of its kind — coordinating US and Canadian SHAKEN so that providers can sign calls in one country and have the signature accepted in the other. The MoU is the governance instrument; ATIS-1000087.v002 is the technical specification that makes the arrangement executable. Similar bilateral arrangements may emerge as other jurisdictions deploy.

The ITU-T work on cross-border trust is derivative of and aligns with the ATIS framework. Study Group 2 covers numbering and addressing; Study Group 11 covers signalling; Study Group 17 covers security. Trust-framework work touches all three. Relevant recommendations include E.RAA4Q.TSCA (SG2, in development) and Q.TSCA (SG11, in development); SG17 hosted a March 2026 Geneva workshop on trustable and interoperable digital identities (for humans and agentic AI) that is producing follow-up work. Two ITU-T terms travel widely in this space — the TSCA tradition (Trust Service for Caller Authentication) provides a portable vocabulary for cross-border trust services, and CB-TACL (Cross-Border Trust Anchor Certificate List) is the ITU-T term for the trust-anchor exchange concept. Both point back to the ATIS-1000087.v002 framework for the underlying governance and trust-list mechanics.

Where this fits

This section bridges STIR/SHAKEN — the technical framework — into the broader policy and enforcement layer that determines what the framework actually does in deployment. The technical specifications are tractable; the jurisdictional politics are not. This section tries to be clear about which is which.

The honest framing: most of the unresolved questions in caller-authentication trust live at the governance layer rather than the protocol layer. A protocol can be designed in eighteen months; a multi-jurisdiction governance arrangement can take a decade.