----- Original Message -----
Sent: Wednesday, June 02, 2004 10:26
AM
Subject: Re: [STDS-802-16-MOBILE] [security]
Issue Resolution and Timeline
In particular, don't create a race condition. Those
messages necessary to enter the system prior to key exchange cannot be
encrypted.
Ken
Hi Jeff,
My comment is inlined.
2. Confidentiality of MAC management messages - what is the
specific reason we are considering it?
- It can be
computationally expensive for an SS.
- Geographic
privacy is anyway compromised by including SS-ID in RNG-REQ (and,
incidentally, Service Level Prediction in RNG-RSP "compromises" information
about network provisioning)
- If disclosure of
SSIds is really a concern, the SSIds could actually be left out from
EAP-Identity, REG-REQ, and possibly other msgs
Agree, not all MAC management messages need to be
encrypted. But confidentiality for certain types of MAC management
messages such as PKM EAP is needed.
- Jeff
Jeff Mandin
Security
Adhoc Chair
Thanks,
JH SONG