stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1
I thought this comment was put in previously. Here it
is...
The current text states:
A cryptographically generated
challenge-response authentication mechanism for the user to authenticate
the network and for the network to authenticate the user must be
used.
I suggest that we change this to read:
A cryptographically generated
challenge-response authentication mechanism for the network to
authenticate the mobile station shall be used. Mechanisms for the
mobile station to authenticate the network shall be optional.
Rationale:
In section 4.1.16.1, the text seems to read that both authentication
directions are required. Since 802.20's scope is licensed
operation, the likelihood and problems associated with rogue base
stations (or rogue APs) is minimal. The required direction for
authentication is from network to mobile station, so that network
security is maintained and theft-of-service for the license holder is
minimized.
..................................................................................
James
D. Tomcik
QUALCOMM,
Incorporated
(858)
658-3231 (Voice)
(619)
890-9537 (Cellular)
From:
San Diego, CA
PGP:
5D0F 93A6 E99D 39D8 B024 0A9B 6361 ACE9 202C C780
..................................................................................