RE: stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1

["Chickinsky, Alan" <alan.chickinsky@ngc.com>]

Jim-

 

You appear to be crossing the line between upper layer protocols and the MAC layer.  Asking for a "lenge-response authentication" suggests that 802.20 MAC has a user interface.  It does not.  That is a layer 7 protocol. 

 

a. chickinsky

-----Original Message-----
From: Jim Tomcik [mailto:jtomcik@qualcomm.com]
Sent: Sunday, September 07, 2003 12:44 AM
To: stds-80220-requirements@ieee.org
Subject: stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1

I thought this comment was put in previously.  Here it is...


The current text states:

A cryptographically generated challenge-response authentication mechanism for the user to authenticate the network and for the network to authenticate the user must be used.

I suggest that we change this to read:

A cryptographically generated challenge-response authentication mechanism for the network to authenticate the mobile station shall be used.  Mechanisms for the mobile station to authenticate the network shall be optional.

Rationale:
In section 4.1.16.1, the text seems to read that both authentication directions are required.  Since 802.20's scope is licensed operation, the likelihood and problems associated with rogue base stations (or rogue APs) is minimal.  The required direction for authentication is from network to mobile station, so that network security is maintained and theft-of-service for the license holder is minimized.

..................................................................................

                James D. Tomcik

                QUALCOMM, Incorporated

                (858) 658-3231 (Voice)

                (619) 890-9537 (Cellular)

                From:  San Diego, CA

                PGP: 5D0F 93A6 E99D 39D8 B024  0A9B 6361 ACE9 202C C780

..................................................................................