Proposed solutions to comments on section 7


Minor comments
Doc 294: Minor comments and resolutions
- Bad use of “shall”
- Incorrect cut and paste
- Not always saying only use ESN functionality if ESN capable
- Define ID numbers
- Better diagrams
- Not clear encrypting only data frames
- Description of usage of elements should be in section 5 not 7
- NULL security to 0.0.0.0 and move rest down
- We do not mandate all ESN – make recommended not mandatory

Major comments
- Unspecified authentication
- Kerberos Optimization
- Which elements are in which messages
- How Multicast Ciphers are negotiated
- ESN without ULA

Unspecified authentication
- Use of unspecified authentication to allow 802.1X to decide
- WG discussed this before and there were deployments that it was useful for – reject

Kerberos optimization
- Information elements are optional; all authentication methods must run without the information elements.
- The elements defined are optimized for Kerberos

Beacon
- Client may optimize if supplied but if not can find out either via probe or associate/re-associate
- ASE optional
- UCSE optional
- MCSE optional
- Realm Name optional
- Principal Name optional

Probe Request
- Client asks for what it wants to optimize; a STA that is not ESN capable does not supply the elements in the response
- 802.11d Request Element containing ASE, UCSE, MCSE, Realm Name or Principal Name element IDs

Probe Response
- If ESN capable must supply whatever elements were asked for in Probe Req Request Element
- ASE optional
- UCSE optional
- MCSE optional
- Realm Name optional
- Principal Name optional

Associate Request
- ASE optional
- UCSE optional
- MCSE optional
- Nonce optional
- Left to other STA if not supplied
- Authentication methods must be able to handle not having them, but optimize the auth protocol

Associate Response
- ASE optional
- UCSE optional
- MCSE optional
- Realm Name optional
- Principal Name optional
- Nonce optional
- Must be supplied if defaults not correct and must be within request scope
- Authentication methods must be able to handle not having them, but can be used to optimize the auth protocol

Re-associate Request
- ASE optional
- UCSE optional
- MCSE optional
- Left to other STA if not supplied

Re-associate Response
- ASE optional
- UCSE optional
- MCSE optional
- Realm Name optional
- Principal Name optional
- Must be supplied if defaults not correct and must be within request scope
- Authentication methods must be able to handle not having them, but optimize the auth protocol

UCSE/MCSE
- Each STA/STA pair can negotiate a different UCS
- The AP decides the MCS and forces all STAs to it (may be based on the first STA)
- If MCSE is not specified in response defaults to AES not to UCSE
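
The rules from the associate/re-associate slides and the UCSE/MCSE slide, modelled as an added example that is not part of the original presentation. The function name, the "ALT" suite label, and the AES fallback for an omitted unicast element are assumptions; the slides state the AES default only for the multicast element.

```python
# Added illustration; names and the "ALT" suite label are hypothetical.
DEFAULT_SUITE = "AES"  # slide: an omitted MCSE defaults to AES, not to the UCSE


class OutOfScope(ValueError):
    """The suite in effect is not one the request offered."""


def resolve_suites(req_ucse, req_mcse, resp_ucse, resp_mcse):
    """Return (unicast, multicast) suites in effect after an associate exchange.

    req_*  : list of offered suite names, or None if the element was omitted
             (choice is then left to the other STA, so anything is in scope).
    resp_* : the single suite name selected, or None if the element was omitted.
    """
    def pick(offered, chosen, label):
        # Omitted in the response: the default applies. Assumed to be AES for
        # unicast too; the multicast default never inherits the unicast choice.
        suite = DEFAULT_SUITE if chosen is None else chosen
        # The response must stay within request scope. If the default is not
        # in scope, the responder was required to supply the element.
        if offered is not None and suite not in offered:
            raise OutOfScope(f"{label} suite {suite!r} not in request {offered}")
        return suite

    return (pick(req_ucse, resp_ucse, "unicast"),
            pick(req_mcse, resp_mcse, "multicast"))


if __name__ == "__main__":
    # Constructed exchanges, not captured frames.
    print(resolve_suites(["ALT"], None, "ALT", None))   # multicast falls back to AES
    try:
        resolve_suites(["ALT"], ["ALT"], "ALT", None)   # default AES is out of scope
    except OutOfScope as err:
        print("rejected:", err)
```
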

ESN without ULA
- Should AES without ULA be allowed in ESN? E.g. for IBSS
- Not allowed; need to support ULA within IBSS