
Re: [STDS-802-11-TGAI] 11-14/1621r1 and 11-14/1622r0



Thank you for these resolutions, Dan.  I have the following comments on

the spreadsheet:

 

CID 6026 (Page 111.00, Line 9, Clause 11.11.1)
Comment: shared key authentication can also be used with a cached PMK
Proposed Change: state that the rRK is necessary only when not doing PMK caching
Resolution: revised: stated that what is shared is either an rRK from ERP or a PMK from a previous FILS authenticated connection.
mgr Comments: Why does the PMK have to be from a FILS-authenticated connection?  Why won't any old authenticated connection do?

CID 6034 (Page 116.00, Line 28, Clause 11.11.2.2.2)
Comment: the procedure described in 11.11.2.2.2 reads as a long stream-of-consciousness and is hard to follow
Proposed Change: rewrite the requirements so the steps are not so confusing
Resolution: revised: enumerated process to make it easier to follow.
mgr Comments: Enumerations introduced are a good start, but more could be done, specifically to address the "shall then"s

CID 6668 (Page 117.00, Line 39, Clause 11.11.2.3.2)
Comment: Having || on the left of an equation is a bit weird and might lead to confusion
Proposed Change: Define an intermediate value PTK and then use L(); see 1931.62 and 1939.23 of mc/D3.0 for inspiration
Resolution: reject: this is not confusing as illustrated by the fact that the proposed change would restate the procedure identically, but differently. Obviously the commenter understands it.
mgr Comments: The commenter does *not* understand the equation at the cited location to the extent of being sure what is intended, so as the commenter suggested, it is confusing, and should be addressed as suggested by the commenter

CID 6071 (Page 117.00, Line 62, Clause 11.11.2.3.1)
Comment: IKM is not defined
Proposed Change: Define IKM
Resolution: revised: key derivation has been rewritten into 2, one for shared key and one for public key.
mgr Comments: Rewriting has reintroduced the "[|| ss]" which caused issues last time round

CID 6075 (Page 118.00, Line 39, Clause 11.11.2.3.1)
Comment: PKT derivation is wrong (i.e., Snonce is missing; PMK should be the first argument; and context change)
Proposed Change: Suggested change:
KCK || KEK || TK = KDF-X(PMK, "PTK Derivation", SPA ||AA || Snonce||Anonce)
Resolution: accept
mgr Comments: This will conflict with the resolution for CID 6803

CID 6801 (Page 118.00, Line 39, Clause 11.11.2.3.2)
Comment: "SPA ||AA || ANonce" -- no SNonce?
Proposed Change: Add "|| SNonce" before "|| ANonce" and add a space before "AA"
Resolution: revised: SNonce was added after ANonce.
mgr Comments: Why after?  This seems inconsistent with nearby orderings

CID 6683 (Page 123.00, Line 27, Clause 11.11.2.5)
Comment: "Each successive invocation of the encryption operation of GCM shall increment the AEAD counter by one (1). Processing of a received EAPOL-Key frame shall include verification that the received frame contains a counter that is strictly greater than the counter in the last received EAPOL-key frame, and shall update its copy of the peer's AEAD counter in its PTKSA to the value of the AEAD counter in the received, and verified, frame." -- this seems to be fragments of behaviour (e.g. missing is specification of what happens in the failure cases).  It also seems to be potentially dangerous (you invoke encryption for some unexpected reason, and BAM! your AEAD counter gets incremented)
Proposed Change: Move this stuff to more appropriate subclauses (maybe 11.11.2.4)
Resolution: reject: this stuff is a component of the cipher mode and, as such, the section dealing with the specifics of the cipher mode is already the most appropriate subclause.
mgr Comments: I don't understand how the proposed resolution addresses the comment.  Where is the specification of what happens in failure cases, for example?

CID 6297
Comment: If FILS is about initial link setup, then why does there need to be any discussion of SA caching?
Proposed Change: Delete all material related to xxKSA caching
Resolution: reject: the TG voted in this text and disagree about its importance.
mgr Comments: This is not a responsive resolution.  A resolution needs to be provided which addresses the specific question in the comment.  If, as the proposed resolution suggests, there was a vote about this, then presumably there was prior discussion addressing the question, which the resolution needs to reference (specifically enough so that it can be found).  See section 2.9.3 of 11/1625 for further information

 

I also have a number of comments on the Word document, which I attach.

Some are just editorial, but some are technical.

 

Regards,

 

Mark

 

--

Mark RISON, Standards Architect, WLAN   English/Esperanto/Français

Samsung Cambridge Solution Centre       Tel: +44 1223  434600

Innovation Park, Cambridge CB4 0DS      Fax: +44 1223  434601

ROYAUME UNI                             WWW: http://www.samsung.com/uk
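
Added example (not part of the e-mail or of the draft under review), illustrating the points raised for CIDs 6668, 6075 and 6801: the PTK is derived as one intermediate value and split with L(), and the two sides only obtain the same KCK/KEK/TK if they concatenate SNonce and ANonce in the same order. The HMAC-SHA-256 counter-mode construction standing in for KDF-X, the 128-bit key lengths, and all sample values are assumptions made for this sketch.

```python
import hashlib
import hmac
import struct

def kdf(key: bytes, label: bytes, context: bytes, length_bits: int) -> bytes:
    """Counter-mode HMAC-SHA-256 KDF; an assumed stand-in for KDF-X."""
    out, i = b"", 1
    while len(out) * 8 < length_bits:
        block = struct.pack("<H", i) + label + context + struct.pack("<H", length_bits)
        out += hmac.new(key, block, hashlib.sha256).digest()
        i += 1
    return out[: length_bits // 8]

def L(s: bytes, first_bit: int, n_bits: int) -> bytes:
    """Return n_bits of s starting at first_bit (byte-aligned offsets only)."""
    if first_bit % 8 or n_bits % 8:
        raise ValueError("this sketch only handles byte-aligned fields")
    return s[first_bit // 8 : (first_bit + n_bits) // 8]

# Assumed key lengths, for illustration only.
KCK_BITS = KEK_BITS = TK_BITS = 128

def derive_ptk(pmk, spa, aa, snonce, anonce, snonce_first=True):
    """Derive an intermediate PTK, then name each sub-key with L()."""
    nonces = snonce + anonce if snonce_first else anonce + snonce
    ptk = kdf(pmk, b"PTK Derivation", spa + aa + nonces,
              KCK_BITS + KEK_BITS + TK_BITS)
    return {
        "KCK": L(ptk, 0, KCK_BITS),
        "KEK": L(ptk, KCK_BITS, KEK_BITS),
        "TK": L(ptk, KCK_BITS + KEK_BITS, TK_BITS),
    }

# Constructed sample inputs (not real keys, addresses or nonces).
PMK = bytes(range(32))
SPA = bytes.fromhex("020000000001")
AA = bytes.fromhex("020000000002")
SNONCE = b"\x11" * 32
ANONCE = b"\x22" * 32

if __name__ == "__main__":
    sta = derive_ptk(PMK, SPA, AA, SNONCE, ANONCE)
    ap_swapped = derive_ptk(PMK, SPA, AA, SNONCE, ANONCE, snonce_first=False)
    for name in ("KCK", "KEK", "TK"):
        print(name, "matches" if sta[name] == ap_swapped[name] else "differs")
```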

 

From: *** 802.11 TGai - Fast Initial Link Set-Up *** [mailto:STDS-802-11-TGAI@xxxxxxxx] On Behalf Of Dan Harkins
Sent: 29 December 2014 22:33
To: STDS-802-11-TGAI@xxxxxxxxxxxxxxxxx
Subject: [STDS-802-11-TGAI] 11-14/1621r1 and 11-14/1622r0

 

 

  Hello,

 

  I've uploaded 2 documents to mentor that address comments from section 11

that are assigned to me. 11-14/1621r1 is a spreadsheet with proposed resolutions

to the comments (some are accept, some are reject, and some are revised); and,

11-14/1622r0 is a submission proposing text changes to our draft for the CIDs in

11-14/1621r1 that are either accept or revised.

 

  Please take a look, especially if you have an outstanding section 11 comment.

I'd like to get this on the agenda for Atlanta so comments in the next couple of

weeks will help ensure acceptable resolution to these CIDs.

 

  best regards, and Happy New Year to everyone!

 

  Dan.

 

_______________________________________________________________________________

IF YOU WISH to be Removed from this reflector, PLEASE DO NOT send your request to this CLOSED reflector. We use this valuable tool to communicate on the issues at hand.

SELF SERVICE OPTION: Point your Browser to - http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGAI and then amend your subscription on the form provided. If you require removal from the reflector press the LEAVE button.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________


Attachment: 11-14-1622-00-00ai-dnh-section-11-submission-mgr.docx
Description: 11-14-1622-00-00ai-dnh-section-11-submission-mgr.docx
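
Added example (not part of the thread or of the draft text), sketching the receive-side AEAD counter rule quoted in CID 6683 together with the failure cases the comment says are unspecified. The discard-and-leave-state-unchanged behaviour is an assumption of this sketch, the class and method names are hypothetical, and an HMAC-SHA-256 tag stands in for GCM's authentication so that the code runs with the standard library only.

```python
import hashlib
import hmac
import struct

class Ptksa:
    """Per-peer state: our transmit counter and our copy of the peer's counter."""

    def __init__(self, key: bytes):
        self.key = key
        self.tx_counter = 0
        self.peer_counter = 0

    def _tag(self, counter: int, payload: bytes) -> bytes:
        # Stand-in for GCM authentication: the tag binds counter and payload.
        msg = struct.pack(">Q", counter) + payload
        return hmac.new(self.key, msg, hashlib.sha256).digest()

    def protect(self, payload: bytes):
        # Every invocation advances the counter, including unexpected ones.
        self.tx_counter += 1
        return self.tx_counter, payload, self._tag(self.tx_counter, payload)

    def process(self, counter: int, payload: bytes, tag: bytes) -> str:
        # Counter must be strictly greater than the last verified one.
        if counter <= self.peer_counter:
            return "discard: counter not greater than last received"
        # Assumed failure handling: an unverified frame never moves the
        # stored counter, so a forged high counter cannot lock out the peer.
        if not hmac.compare_digest(tag, self._tag(counter, payload)):
            return "discard: authentication failed"
        self.peer_counter = counter
        return "accept"

if __name__ == "__main__":
    key = b"\x42" * 32  # constructed sample key
    sender, receiver = Ptksa(key), Ptksa(key)
    f1 = sender.protect(b"EAPOL-Key 1")
    sender.protect(b"never sent")  # unexpected invocation leaves a gap
    f3 = sender.protect(b"EAPOL-Key 3")
    print(receiver.process(*f1))                        # accept
    print(receiver.process(*f1))                        # replay
    print(receiver.process(1000, b"x", b"\x00" * 32))   # forged counter
    print(receiver.process(*f3), receiver.peer_counter) # accept 3
```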