|
Hi Jeff,
My comment is inlined.
2. Confidentiality of MAC management messages - what is the
specific reason we are considering it?
- It can be
computationally expensive for an SS.
- Geographic
privacy is anyway compromised by including SS-ID in RNG-REQ (and,
incidentally, Service Level Prediction in RNG-RSP "compromises" information
about network provisioning)
- If disclosure of SSIds
is really a concern, the SSIds could actually be left out from EAP-Identity,
REG-REQ, and possibly other msgs
Agree, not all MAC management messages need to be
encrypted. But confidentiality for certain types of MAC management
messages such as PKM EAP is needed.
- Jeff
Jeff Mandin
Security Adhoc
Chair
Thanks,
JH SONG
|