
Re: [STDS-802-16-MOBILE] [security] Issue Resolution and Timeline



In particular, don't create a race condition.  Those messages necessary to enter the system prior to key exchange cannot be encrypted.
 
Ken


From: owner-stds-802-16-mobile@LISTSERV.IEEE.ORG [mailto:owner-stds-802-16-mobile@LISTSERV.IEEE.ORG] On Behalf Of JunHyuk Song
Sent: Tuesday, June 01, 2004 6:02 PM
To: STDS-802-16-MOBILE@LISTSERV.IEEE.ORG
Subject: Re: [STDS-802-16-MOBILE] [security] Issue Resolution and Timeline

Hi Jeff,
 
My comment is inlined.

2.  Confidentiality of MAC management messages - what is the specific reason we are considering it?

    - It can be computationally expensive for an SS.

    - Geographic privacy is anyway compromised by including SS-ID in RNG-REQ (and, incidentally, Service Level Prediction in RNG-RSP "compromises" information about network provisioning)

    - If disclosure of SSIds is really a concern, the SSIds could actually be left out from EAP-Identity, REG-REQ, and possibly other msgs

Agree, not all MAC management messages need to be encrypted.  But confidentiality for certain types of MAC management messages such as PKM EAP is needed.
 

- Jeff

Jeff Mandin
Security Adhoc Chair
 
Thanks,
JH SONG