[STDS-802-16] Cleaning up 802.16e security
Title: Message
All,
I think the input to
the security work went rather well. We got most of the underlying mechanisms in
the spec. Compare this with the time it took 802.11i to get to this stage. Of
course we had the benefit of their hindsight.
As some of us
discussed in the meeting, there are a few things to be done with the security
work but also there seems to be agreement that we need to identify and limit the
list of things we need to do, in order to bring the work to a
close.
My list of things to
be done is as follows:
EAP Key agreement
Generic Management Frame Protection
PKMv2 Key Hierarchy
PKMv2 Security State Machines
Test Vectors (for the crypto algorithms operating over
packets)
Vulnerability analysis/corrections
General clean up of the contributions that were accepted (we have LB14c for
that)
I have vague
memories of Jeff having another item for this list but its leaked from
my head.
I will try to
coordinate a consensus position on what the key heirarchy should be. So I'd
appreciate comment on it. Particularly from anyone who disliked the current
proposal enough to vote against it. I don't think the discussion in the meeting
shed much light on what the concerns were, since I still don't
know.
EAP Key agreement is
in a similar situation. Jeff provided text, but it didn't pass. Therefore any
input on what is needed to make it pass is welcome.
Anyone who can
commit to filling in other parts of the framework should declare their interest,
so people interested in contributing to the same areas can compare
notes.
Hopefully we can
reach some sort of consensus before the next meeting.
Regards,
DJ
�