Re: [pcp] Fwd: New Version Notification for draft-chen-pcp-authentication-sim-00.txt

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Tue, 12 August 2014 08:22 UTC

To: GangChen <phdgang@gmail.com>
Cc: "pcp@ietf.org" <pcp@ietf.org>

> -----Original Message-----
> From: GangChen [mailto:phdgang@gmail.com]
> Sent: Tuesday, August 12, 2014 11:43 AM
> To: Tirumaleswar Reddy (tireddy)
> Cc: pcp@ietf.org
> Subject: Re: [pcp] Fwd: New Version Notification for draft-chen-pcp-authentication-sim-00.txt
> 
> Hi Tiru,
> 2014-08-08 19:00 GMT+08:00, Tirumaleswar Reddy (tireddy)
> <tireddy@cisco.com>:
> >> -----Original Message-----
> >> From: GangChen [mailto:phdgang@gmail.com]
> >> Sent: Friday, August 08, 2014 12:32 PM
> >> To: Tirumaleswar Reddy (tireddy)
> >> Cc: pcp@ietf.org
> >> Subject: Re: [pcp] Fwd: New Version Notification for draft-chen-pcp-authentication-sim-00.txt
> >>
> >> 2014-08-01 1:32 GMT+08:00, Tirumaleswar Reddy (tireddy)
> >> <tireddy@cisco.com>:
> >> >> -----Original Message-----
> >> >> From: GangChen [mailto:phdgang@gmail.com]
> >> >> Sent: Wednesday, July 23, 2014 5:17 PM
> >> >> To: Tirumaleswar Reddy (tireddy)
> >> >> Cc: pcp@ietf.org
> >> >> Subject: Re: [pcp] Fwd: New Version Notification for
> >> >> draft-chen-pcp-authentication-sim-00.txt
> >> >>
> >> >> 2014-07-21 22:17 GMT+08:00, Tirumaleswar Reddy (tireddy)
> >> >> <tireddy@cisco.com>:
> >> >> >> -----Original Message-----
> >> >> >> From: GangChen [mailto:phdgang@gmail.com]
> >> >> >> Sent: Friday, July 04, 2014 3:41 PM
> >> >> >> To: pcp@ietf.org
> >> >> >> Subject: [pcp] Fwd: New Version Notification for
> >> >> >> draft-chen-pcp-authentication-sim-00.txt
> >> >> >>
> >> >> >> WG,
> >> >> >>
> >> >> >> I have submitted a draft to describe the consideration of PCP
> >> >> >> authentication with (U)SIM support. The process is detailed in
> >> >> >> EAP and GBA framework.
> >> >> >
> >> >> > Interesting draft. This solves the problem that for PCP
> >> >> > authentication to work in mobile networks, the PCP client does not
> >> >> > have to use a username and password but only SIM credentials
> >> >> > (EAP-SIM). Other operators like Deutsche-Telekom are already
> >> >> > using SIM authentication for ISP offered services (Slide 11
> >> >> > http://www.gsma.com/personaldata/wp-content/uploads/2014/03/OpenID-Connect-at-Deutsche-Telekom-Torsten-Lodderstedt.pdf)
> >> >>
> >> >> Thank you for the comments. I would like to further highlight the
> >> >> technical advantage of using GBA for PCP. The thought is to leverage
> >> >> the deployed GBA infrastructure. AFAIK, GBA is indispensable to
> >> >> the mobile operators, who like to offer voice service in the LTE
> >> >> age. It's a low-cost and lightweight implementation for the PCP
> >> >> server (only one simple message extension makes it work, as the draft
> >> >> proposed at Section 3).
> >> >
> >> > The other technique mentioned in the draft is using HTTP
> >> > authentication and not EAP.
> >> >
> >> > 1. What is the need for this mechanism when EAP-SIM can be used?
> >>
> >> EAP requires layer 2 support. However, if a user directly uses a 3GPP
> >> radio link, it can't support the EAP framework.
> >
> > I don't see a problem. EAP-SIM will be exchanged over PCP, i.e. EAP
> > messages will be sent in the EAP Payload option defined in the PCP
> > authentication draft.
> 
> The issue is EAP is out of 3GPP-access security architecture. Please refer to
> 33.401 which describes the security framework of 3GPP access, e.g. 3G, 4G.
> 
> EAP is normally used at non-3GPP access, you could refer to 33.402.
> It's applied to WLAN access.

The mechanism used for 3GPP access could be quite different from the one used to authenticate to the PCP server; it need not be the same. Can you please provide more technical details on why mobile devices and the PCP server cannot use EAP-SIM or some other EAP method over PCP to authenticate to the PCP server in the mobile network?

-Tiru

> 
> BRs
> 
> Gang
> > -Tiru
> >
> >>
> >> Gang
> >>
> >>
> >> > 2. It deviates from REQ-6 of fate sharing
> >> > http://tools.ietf.org/html/draft-reddy-pcp-auth-req-04 that was
> >> > discussed in the WG sometime back.
> >> >
> >> > -Tiru
> >> >
> >> >>
> >> >> BRs
> >> >>
> >> >> Gang
> >> >>
> >> >>
> >> >> >
> >> >> > -Tiru
> >> >> >
> >> >> >> Thank you for the comments in advance.
> >> >> >>
> >> >> >> Best Regards
> >> >> >>
> >> >> >> Gang
> >> >> >>
> >> >> >> ---------- Forwarded message ----------
> >> >> >> From: internet-drafts@ietf.org
> >> >> >> Date: Fri, 04 Jul 2014 03:03:05 -0700
> >> >> >> Subject: New Version Notification for
> >> >> >> draft-chen-pcp-authentication-sim-00.txt
> >> >> >> To: Gang Chen <phdgang@gmail.com>
> >> >> >>
> >> >> >>
> >> >> >> A new version of I-D, draft-chen-pcp-authentication-sim-00.txt
> >> >> >> has been successfully submitted by Gang Chen and posted to the
> >> >> >> IETF repository.
> >> >> >>
> >> >> >> Name:		draft-chen-pcp-authentication-sim
> >> >> >> Revision:	00
> >> >> >> Title:		(U)SIM based PCP Authentication
> >> >> >> Document date:	2014-07-03
> >> >> >> Group:		Individual Submission
> >> >> >> Pages:		8
> >> >> >> URL:
> >> >> >> http://www.ietf.org/internet-drafts/draft-chen-pcp-authentication-sim-00.txt
> >> >> >> Status:
> >> >> >> https://datatracker.ietf.org/doc/draft-chen-pcp-authentication-sim/
> >> >> >> Htmlized:
> >> >> >> http://tools.ietf.org/html/draft-chen-pcp-authentication-sim-00
> >> >> >>
> >> >> >>
> >> >> >> Abstract:
> >> >> >>    With (U)SIM support, PCP authentication could leverage the
> >> >> >>    credentials stored in (U)SIM.  The document details PCP
> >> >> >>    authentication considerations based on (U)SIM support.  The
> >> >> >>    authentication procedures in EAP and GBA framework have been
> >> >> >>    specifically elaborated.  In order to complete the process,
> >> >> >>    new code and option are also proposed.
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> Please note that it may take a couple of minutes from the time
> >> >> >> of submission until the htmlized version and diff are available
> >> >> >> at tools.ietf.org.
> >> >> >>
> >> >> >> The IETF Secretariat
> >> >> >>
> >> >> >
> >> >> >
> >> >
> >