<?xml version="1.0" encoding="UTF-8"?>
<reference anchor="I-D.ietf-stir-certificate-transparency" target="https://datatracker.ietf.org/doc/html/draft-ietf-stir-certificate-transparency-02">
   <front>
      <title>STI Certificate Transparency</title>
      <author initials="C." surname="Wendt" fullname="Chris Wendt">
         <organization>Somos, Inc.</organization>
      </author>
      <author initials="R." surname="Śliwa" fullname="Robert Śliwa">
         <organization>Somos, Inc.</organization>
      </author>
      <author initials="A." surname="Fenichel" fullname="Alec Fenichel">
         <organization>TransNexus</organization>
      </author>
      <author initials="V. A." surname="Gaikwad" fullname="Vinit Anil Gaikwad">
         <organization>Twilio</organization>
      </author>
      <date month="May" day="18" year="2026" />
      <abstract>
	 <t>   This document describes a framework for the use of the Certificate
   Transparency (CT) protocol for publicly logging the existence of
   Secure Telephone Identity (STI) certificates as they are issued or
   observed.  This allows any interested party that is part of the STI
   eco-system to audit STI certification authority (CA) activity and
   audit both the issuance of suspect certificates and the certificate
   logs themselves.  The intent is for the establishment of a level of
   trust in the STI eco-system that depends on the verification of
   telephone numbers requiring and refusing to honor STI certificates
   that do not appear in a established log.  This effectively
   establishes the precedent that STI CAs must add all issued
   certificates to the logs and thus establishes unique association of
   STI certificates to an authorized provider or assignee of a telephone
   number resource.  The primary role of CT in the STI ecosystem is for
   verifiable trust in the avoidance of issuance of unauthorized
   duplicate telephone number level delegate certificates or provider
   level certificates.  This provides a robust auditable mechanism for
   the detection of unauthorized creation of certificate credentials for
   illegitimate spoofing of telephone numbers or service provider codes
   (SPC).

   The framework borrows the log structure and API model from RFC6962 to
   enable public auditing and verifiability of certificate issuance.
   While the foundational mechanisms for log operation, Merkle Tree
   construction, and Signed Certificate Timestamps (SCTs) are aligned
   with RFC6962, this document contextualizes their application in the
   STIR eco-system, focusing on verifiable control over telephone number
   or service provider code resources.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-ietf-stir-certificate-transparency-02" />
   
</reference>
