1. ACLI Configuration Guide
  2. SIP Signaling Services
  3. Diversion Info and History-Info Header Mapping
  4. Anonymization of History and Diversion Information

Anonymization of History and Diversion Information

The ESBC supports anonymization of entries for both History-Info and Diversion, independent of the interworking function. You configure this function separately from the interworking function. The ESBC applies anonymization rules as long as the circumstances meet all anonymization criteria. This anonymization configuration is global. For untrusted peers, the ESBC changes input header addresses to the anonymous SIP URI syntax sip:anonymous@anonymous.invalid.

This feature uses functionality independent of the IWF to confirm whether or not the remote target is trusted. The ESBC checks the session-agent trust mode. If the session-agent reports "trust-me", then assuming nothing else conflicts, the system trusts the agent. This functionality also refers to the IWF state.

If IWF is configured, the ESBC performs anonymization on the output generated after conversion per RFC 7544.

If IWF is not configured:

  • Remote peer trusted - The ESBC does not anonymize the History-Info header or Diversion header. The Privacy header field values in incoming History-Info or Diversion header of INVITE shall be used likewise in outgoing header.
  • Remote peer untrusted - The ESBC checks sip-config, anonymize-history-for-untrusted setting, introduced by this feature, to determine whether it should anonymize the entries in History-Info or Diversion headers with Privacy fields set to full/history. If anonymize-history-for-untrusted is configured, the ESBC anonymizes the input received in the initial INVITE.

The ESBC uses the following steps when it is sending messages to untrusted peer.

  1. Based on the mode set, do the conversion between headers.
  2. If mode is not set, check for History-Info and Diversion headers entries in outgoing message.
  3. For the entries where privacy value is other than "none" in History-Info and "off" in Diversion, anonymize the entries if anonymize-history-for-untrusted is set.
  4. For HI entries with a privacy value other than "none", and for diversion entries that have a privacy value other than "off", the ESBC does not anonymize entries if is not set.
  5. In case the entries have Privacy settings as "none" in History-Info or "off" in Diversion, do not anonymize the entries even if anonymize-history-for-untrusted is set.

If a privacy header is present in INVITE with value as "history" or "header" or "full" and the outgoing INVITE is going to untrusted remote side, then all the History-Info and Diversion entries shall be anonymized as per above section, given anonymize-history-for-untrusted is set.

The ESBC anonymizes all History-Info and Diversion entries regardless of the value of the privacy header of each History-Info or Diversion entry. If a privacy header with above values appears in incoming INVITE, every History-Info and Diversion entry will be anonymized.