Trust governance — within-jurisdiction policies, enforcement, and cross-border frameworks
Trust frameworks for caller authentication are technical artifacts — protocols, certificates, signatures — but they only function within governance arrangements that decide who can participate, how they prove their entitlement to participate, and what happens when they violate the rules. The technical specification is one layer; the governance arrangement that operationalizes it is another. This section covers the second layer.
The scope is broader than it might initially seem. STIR/SHAKEN governance includes the obvious — STI-GA, STI-PA, the certificate authority hierarchy — but it also includes the regulatory accountability layer (the FCC’s caller-ID authentication rulemakings), the participation administration layer (RMD, Form 499, RespOrg, STI-PA service-provider accounts), the jurisdictional analogs in other countries (Canada’s CST-GA, deployments in France and other jurisdictions), and the cross-border coordination layer (the ITU-T trust-framework work, CB-TACL, the MoUs that allow trust to flow between jurisdictions). All of these together constitute trust governance.
I work across most of these layers. I co-chair the US STI-GA Technical Committee. I edit the E.RAA4Q.TSCA recommendation in ITU-T SG2; in SG11, I edit Q.VoIP-CLI, which I proposed as a new work item, and contribute text to Q.TSCA. I co-chair the CFCA Telecom Trust Working Group with Guy Pearson, where messaging-trust work is a particular focus. The framing here is from inside the work.
┌───────────────────────────────────────────────────────────┐
│  CROSS-BORDER COORDINATION LAYER                          │
│                                                           │
│  ATIS IP-NNI Joint Task Force (ATIS-1000087.v002)         │
│  Bilateral MoUs (e.g., STI-GA ↔ CST-GA for US–Canada)     │
│  ITU-T SG2/SG11/SG17 (E.RAA4Q.TSCA, Q.TSCA, CB-TACL)      │
└───────┬─────────────────────┬─────────────────────┬───────┘
        │                     │                     │
        ▼                     ▼                     ▼
┌───────────────┐     ┌───────────────┐     ┌───────────────┐
│ UNITED STATES │     │ CANADA        │     │ OTHERS        │
│               │     │               │     │               │
│ FCC           │     │ CRTC          │     │ France, UK,   │
│ STI-GA        │     │ CST-GA        │     │ etc., at      │
│ STI-PA        │     │ Canadian PA   │     │ various       │
│ RMD, Form 499 │     │               │     │ deployment    │
│ NANC/CATA     │     │               │     │ stages        │
│ RespOrg       │     │               │     │               │
└───────────────┘     └───────────────┘     └───────────────┘
WITHIN-JURISDICTION GOVERNANCE — one stack per country
Within-jurisdiction governance
Each national trust framework has its own participation rules, enforcement mechanisms, and regulatory authority. The US framework is the most developed because the FCC has been most aggressive in mandating deployment, but other jurisdictions have analogous arrangements and the comparison is illuminating.
United States
The US framework’s institutional history runs through two governance bodies whose work this section catalogs separately. The FCC Robocall Strike Force (2016-2017) is where STIR and SHAKEN were combined into a single industry-endorsed framework with regulatory weight. The NANC Call Authentication Trust Anchor Working Group (2018-2024) then produced the consensus reports that established the STI-GA, defined SHAKEN best practices, and provided the substantive analysis behind nearly every major FCC caller-authentication rulemaking that followed. NANC was not rechartered in 2025; CATA dissolved with it. The reports remain authoritative.
The FCC’s caller-ID authentication rulemaking proceeding (WC Docket 17-97) has now produced eight Reports and Orders, with each successive R&O tightening the participation rules. The Robocall Mitigation Database (RMD) is the registry where all US voice service providers must file robocall mitigation plans; ejection from the RMD effectively cuts a provider off from authorized SHAKEN participation, and as of late 2025 the FCC has been actively pruning deficient RMD certifications. Form 499 filings establish a provider’s identity and revenue base for FCC purposes, and they’re a prerequisite for STI-PA registration. STI-PA service-provider accounts are the operational bridge between FCC registration and SHAKEN certificate issuance — the mechanism by which a provider proves its FCC-recognized status when obtaining authority tokens for ACME-based certificate issuance. RespOrg participation is the toll-free number administration regime, which intersects with SHAKEN through ATIS-1000093 and through the question of whose attestation applies when calls originate under toll-free numbers.
Canada
The CRTC has mandated SHAKEN deployment through proceedings paralleling the FCC’s. The Canadian Secure Token Governance Authority (CST-GA) plays the role analogous to the US STI-GA, and the Canadian PA is the operational counterpart to the US STI-PA. The CRTC procedures for handling provider compliance issues differ from the FCC’s; that comparison is its own subject.
France and other international deployments
International SHAKEN deployment has been advancing in parallel, with national regulators making their own decisions about whether and how to mandate caller authentication. France is one of the earlier candidate deployments and the contours of French regulatory engagement with the framework are worth tracking specifically; other European jurisdictions, the UK, and several Asian markets have parallel work in progress at varying stages.
Per-country pages will cover each jurisdiction’s specifics. The US apparatus has the most surface area to document — RMD, Form 499, STI-PA, RespOrg — and those pages will go first.
Cross-border frameworks
Trust frameworks designed for one jurisdiction don’t naturally interoperate with another. The cross-border layer is where the work happens to make them coordinate.
The primary work is at the ATIS/SIP Forum IP-NNI Joint Task Force, where the cross-border architecture for SHAKEN was developed, and the primary specification is ATIS-1000087.v002 — Initial Cross-Border SHAKEN — which defines the certificate format, the trust-anchor list mechanics, and the operational arrangements that let a SHAKEN-signed call cross from one national framework to another and have the signature accepted on the receiving side. The version reference matters; v002 is the current operational version and earlier drafts predate the deployment work.
The primary deployed instance is US–Canada. The STI-GA and CST-GA signed an MoU — the first bilateral arrangement of its kind — coordinating US and Canadian SHAKEN so that providers can sign calls in one country and have the signature accepted in the other. The MoU is the governance instrument; ATIS-1000087.v002 is the technical specification that makes the arrangement executable. Similar bilateral arrangements may emerge as other jurisdictions deploy.
The ITU-T work on cross-border trust derives from, and aligns with, the ATIS framework. Study Group 2 covers numbering and addressing; Study Group 11 covers signalling; Study Group 17 covers security. Trust-framework work touches all three. Relevant recommendations include E.RAA4Q.TSCA (SG2, in development) and Q.TSCA (SG11, in development); SG17 hosted a March 2026 Geneva workshop on trustable and interoperable digital identities (for humans and agentic AI) that is producing follow-up work. Two ITU-T terms travel widely in this space — the TSCA tradition (Trust Service for Caller Authentication) provides a portable vocabulary for cross-border trust services, and CB-TACL (Cross-Border Trust Anchor Certificate List) is the ITU-T term for the trust-anchor exchange concept. Both point back to the ATIS-1000087.v002 framework for the underlying governance and trust-list mechanics.
Where this fits
This section bridges STIR/SHAKEN — the technical framework — into the broader policy and enforcement layer that determines what the framework actually does in deployment. The technical specifications are tractable; the jurisdictional politics are not. This section tries to be clear about which is which.
The honest framing: most of the unresolved questions in caller-authentication trust live at the governance layer rather than the protocol layer. A protocol can be designed in eighteen months; a multi-jurisdiction governance arrangement can take a decade.
In this section
- Do Not Originate (DNO)
A reference description of Do Not Originate as it operates today — the categories of numbers eligible for inclusion, the list sources that maintain those numbers, the operational pattern providers use to scrub against the lists, and the regulatory framework that codifies the obligation. DNO is structurally a default-deny mechanism on calling-number provenance — distinct from caller-ID authentication, distinct from analytics-based blocking, and orthogonal to STIR/SHAKEN. Two tiers compose the eligibility model — numbers that structurally cannot originate (invalid, unallocated, unassigned) and numbers that can originate but whose assigned holder has declared they won't.
- FCC current rulemaking on caller identity, KYC, and KYUP
Three FCC items currently shape the regulatory trajectory of the caller-identity authentication framework. The Ninth Further Notice of Proposed Rulemaking (October 2025) proposes verified caller name via STIR/RCD and asks whether legacy CNAM should be deprecated. The KYC Further Notice of Proposed Rulemaking (April 30, 2026) proposes one rule — per-call penalties for KYC violations — and asks many questions about customer-information collection, verification, and retention. The KYUP Further Notice of Proposed Rulemaking (scheduled to be voted May 20, 2026) proposes a host of due-diligence rules on voice service providers, alongside attestation-standard codification and STIR/SHAKEN loophole-closing. Together these items map the FCC's current direction — tightening accountability at originating-provider, upstream-provider, and content-presentation layers simultaneously. This page summarizes each, with status and what to expect next.
- FCC Robocall Strike Force — the moment STIR and SHAKEN became one framework
The FCC Robocall Strike Force, convened by Chairman Tom Wheeler in 2016 and chaired by AT&T CEO Randall Stephenson, is where the technical work that became STIR/SHAKEN moved from parallel standards efforts at the IETF and the ATIS/SIP Forum IP-NNI Joint Task Force into a unified, industry-endorsed framework with regulatory weight. The framework convergence had happened a year earlier, at an FCC workshop in September 2015 where Jon Peterson and I recommended bringing STIR and SHAKEN together; the Strike Force's two phases — the 60-day sprint that produced the October 2016 Initial Report and the six-month follow-up that produced the April 2017 status report — formalized that combination as US industry policy and accelerated the standards delivery to a deployable timeline. Everything in current US caller-authentication deployment traces through these reports.
- NANC CATA — the working group that established the US STI-GA, edited a decade of caller-authentication policy reports, and was shut down in 2025
The Call Authentication Trust Anchor (CATA) Working Group of the North American Numbering Council (NANC) is where US caller-authentication governance got worked out from 2018 onward. The CATA WG's foundational May 2018 report established the STI-GA and STI-PA structure for SHAKEN deployment; subsequent CATA reports through 2024 produced the policy substrate for nearly every major FCC caller-authentication rulemaking — best practices for implementation, terminating provider handling, robocall mitigation outside the US, foreign-originated calls, international cellular roaming, direct access to numbers by interconnected VoIP providers. NANC was not rechartered in 2025; CATA dissolved with it. The reports remain. I was a participant and edited every CATA WG report; this page catalogs the body of work and why it still matters even after the institutional venue is gone.
- Robocall Mitigation Database (RMD) — the US registry, the operational blocking lever, and the enforcement turn
The Robocall Mitigation Database is the registry that operationalizes US caller-authentication compliance — the FCC's mechanism for binding a provider's regulatory status to its ability to send traffic into the US phone network. Established by the FCC's Second Caller ID Authentication Report and Order in September 2020 and codified at 47 CFR § 64.6305, the RMD requires every voice service provider, gateway provider, and non-gateway intermediate provider to file a certification of STIR/SHAKEN implementation status alongside a robocall mitigation plan. Removal from the RMD cuts a provider off from the network — intermediate and terminating providers are forbidden from accepting traffic from a delisted source. The 2024–2025 enforcement turn under Chairman Carr has made this lever operational in a way it wasn't before, with over 1,200 providers removed in August 2025 and a first-of-its-kind national-security-grounded action against three Chinese providers in December 2025. This page covers what the RMD requires, how the blocking mechanism works, how the requirements have grown across successive rulemakings, and where current enforcement sits.
Planned
- sti-pa-participation · how US service providers establish STI-PA accounts and obtain certificates
- resp-org · RespOrg participation rules and toll-free number administration
- canada-cst-ga · the Canadian Secure Token Governance Authority and CRTC procedures
- france-stir-shaken · France as a candidate for international STIR/SHAKEN deployment
- itu-t-trust-frameworks · the work in SG2, SG11, and SG17
- cb-tacl · the Cross-Border Trust Anchor Certificate List architecture
- q-tsca · the Trust Service for Caller Authentication tradition (and Q.VoIP-CLI)
- sti-ga-cst-ga-mou · the US/Canada coordination memorandum
- jurisdictional-trust · how trust frameworks designed for one regulator interoperate with another