Re: [STDS-802-16-MOBILE] [security] Issue Resolution and Timeline

[Ken Stanwood <kstanwood@CYGNUSCOM.COM>]

Title:

In particular, don't create a race condition.  Those messages necessary to enter the system prior to key exchange cannot be encrypted.

 

Ken

---

From: owner-stds-802-16-mobile@LISTSERV.IEEE.ORG [mailto:owner-stds-802-16-mobile@LISTSERV.IEEE.ORG] On Behalf Of JunHyuk Song
Sent: Tuesday, June 01, 2004 6:02 PM
To: STDS-802-16-MOBILE@LISTSERV.IEEE.ORG
Subject: Re: [STDS-802-16-MOBILE] [security] Issue Resolution and Timeline

Hi Jeff,

 

My comment is inlined.

2.  Confidentiality of MAC management messages - what is the specific reason we are considering it?

    - It can be computationally expensive for an SS.

    - Geographic privacy is anyway compromised by including SS-ID in RNG-REQ (and, incidentally, Service Level Prediction in RNG-RSP "compromises" information about network provisioning)

    - If disclosure of SSIds is really a concern, the SSIds could actually be left out from EAP-Identity, REG-REQ, and possibly other msgs

Agree, not all MAC management messages need to be encrypted.  But confidentiality for certain types of MAC management messages such as PKM EAP is needed.

 

- Jeff

Jeff Mandin
Security Adhoc Chair

 

Thanks,

JH SONG