Re: [802.21] Security SG: Scope issues (MIH-level Security)
Yoshi:
I though about your question. MIH level security implies two
aspects (1) entity authentication (and keys); (2) protection (encryption,
integrity protection).
Whether the protection can be achieved through transport level security
depends on whether we can de-couple the protection with authentication
(and keys). If the protection is applied through IPsec, the tunnel is
established through IKE (mutual authenticate by signature with PKI), will
this tunnel dedicate to MIH?
Authentication and key establishment are based on MIH trust model.
Transport level protection may not.
The question is coupling or de-coupling (1) and (2).
Lily
At 04:29 PM 12/18/2007, Yoshihiro Ohba wrote:
We had good discussion on scope
issues on SSOH (Security Signaling
Optimization during Handover) problem.
Let me start another thread to discuss scope issues on another
security-related problem, i.e., MIH-level security mechanisms
(MIHS).
Since MIHS has not been discussed much, we need more discussion so
that we can formulate MIHS part of PAR before January meeting.
Please state your opinion on the following issue by December 21
(Fri),
2007.
Issue: What are the use cases that require MIH-level security
instead
of transport-level security?
Best Regards,
Yoshihiro Ohba