Thread Links | Date Links | ||||
---|---|---|---|---|---|
Thread Prev | Thread Next | Thread Index | Date Prev | Date Next | Date Index |
It seems from today’s meeting that the general feeling was that if we want a PASN solution for Device ID, then option 2 was looked upon more favorably.
A question over option 2 is whether opaque ID is used, or must be used, or not. As far as the STA is concerned it makes no difference as it is entirely controlled by the AP/ESS.
In either case the OTA ID in msg 1 has to change every exchange and also the AP must provide a “new ID” every time in msg 2. I think we need to first sort out the opaque question CID so that we are on the same page as to when and how the AP uses the opaque ID.
Hence I suggest that before we again discuss device ID/PASN, we first settle on language to cover the opaque CID. As Jarkko pointed out the STA has no idea or input on this and I think that has to be clear. May I propose the following text as a starting point “An AP may allocate the Device ID in an opaque form. Then, if for any reason the non-AP STA sends that Device ID in an unencrypted frame, the underlining device identification is private (opaque) from third parties. The AP can use the procedure
in Annex Z, which affords the required security and privacy, to protect the device identification within a Device ID. NOTE: If the AP is allocating an identification that has external meaning (a username, account number, etc.), it may choose to allocate the Device ID in an opaque form.
If we have this text in place, I suggest it then gets easier to define the option 2 PASN method. Graham To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1 |