[{"name":"S2-184664","title":"LS from SA WG3: LS on AS Security Context Setup","source":"SA WG3","contact":"Noamen Ben Henda","contact-id":63310,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 has discussed the conditions for setting up the AS security context in the gNB and observed that this depends on the type of the registration. If the registration does not require UP connection setup, SA WG3 assumes that the AS security context setup is not required unless there are other reasons for which AS security context setup is required. Action: SA WG3 kindly asks SA WG2 to confirm SA WG3's working assumption or clarify the scenarios for setting up AS security.","secretary_remarks":"Postponed S2-183091 from S2#127. A related CR was reviewed. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15370,"status":"postponed","reservation_date":"2018-05-04 06:13:09","uploaded":"2018-05-04 06:17:56","revisionof":"S2-183091","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2","Cc":"RAN WG3","lsoriginalls":"S3-180986","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184664.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184674","title":"LS from CT WG1: LS on UE capability related to integrity protection of DRBs","source":"CT WG1","contact":"Lena Chaponniere","contact-id":38080,"tdoctype":"LS in","for":"Action","abstract":"CT WG1 thanks RAN WG2 for their LS on UE capability related to integrity protection of DRBs. CT WG1 would like to provide the following feedback: - It is up to SA WG2 to decide on the need for a UE capability to signal the maximum supported data rate per UE for integrity protection for the DRBs, and to specify how this capability is used by the 5G Core Network - If SA WG2 determines that such UE capability is needed and specifies its handling by the 5G Core Network, it is feasible for CT WG1 to define this UE capability to be signalled via NAS. Action: CT WG1 asks SA WG2 to decide whether a UE capability to signal the maximum supported data rate per UE for integrity protection for the DRBs is needed and to specify how this UE capability is used by the 5G Core Network.","secretary_remarks":"Postponed S2-184293 from S2#127. Related CRs were reviewed. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15410,"status":"postponed","reservation_date":"2018-05-04 06:13:09","uploaded":"2018-05-04 06:17:56","revisionof":"S2-184293","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"RAN WG2, SA WG2","Cc":"RAN WG3, SA WG3","lsoriginalls":"C1-182603","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184674.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184676","title":"LS from CT WG1: Reply LS on SoR mechanism","source":"CT WG1","contact":"Lalith Kumar","contact-id":60520,"tdoctype":"LS in","for":"Information","abstract":"CT WG1 thanks SA WG3 for their liaison statements on 'LS on SoR mechanism' (S3-180998\/ C1-182159). CT WG1 has analysed the SA WG3 LS and recognized the SoR procedure needs to change to not use any messages used for authentication procedure to convey the priority list to the roaming UE. However CT WG1 would like to take SA WG3 opinion, which of the below options are preferred by SA WG3, to give an indication to UE that 'list of preferred PLMN\/access technology combinations' will be sent to the UE: A. Use of parameter in authentication request to indicate the UE that the list of preferred PLMN\/access technology combinations are provided to the UE during initial registration procedure, as described in step 4 below (See 3GPP TS 23.122 Annex C.1 step 4, as copied below). If parameter indicates 'list of preferred PLMN\/access technology combinations' is sent, but UE did not receive during initial registration procedure, the UE understands that VPLMN has removed the list. 4) The HPLMN UDM deci","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15730,"status":"noted","reservation_date":"2018-05-04 06:13:09","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3","Cc":"CT WG6, SA WG2, CT WG3, SA WG1, SA WG3LI, CT WG4","lsoriginalls":"C1-182490","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184676.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184679","title":"LS from CT WG1: LS on modification of solution for PLMN and RAT selection policies for roaming based on SA WG2 comments","source":"CT WG1","contact":"Ivo Sedlacek","contact-id":41880,"tdoctype":"LS in","for":"Action","abstract":"CT WG1 would like to thank SA WG2 for LS S2-182723, containing SA WG2 comments on solution for 'PLMN and RAT selection policies for roaming'. CT WG1 agreed CR C1-182813 modifying the solution for 'PLMN and RAT selection policies for roaming'. CR C1-182813 attempts to address the comments raised by SA WG2 in LS S2-182723. Action: CT WG1 would like to ask SA WG2: - to specify the data indicated in C1-182813, that are not defined in Nudm_SDM service yet; and - to specify the Nudm_SDM_Info service operation.","secretary_remarks":"Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15360,"status":"postponed","reservation_date":"2018-05-04 06:13:09","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2","Cc":"CT WG6, SA WG3LI, SA WG3, CT WG3, SA WG1, CT WG4","lsoriginalls":"C1-182779","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184679.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184685","title":"LS from CT WG1: Reply LS on SoR mechanism","source":"CT WG1","contact":"Christian Herrero-Veron","contact-id":45210,"tdoctype":"LS in","for":"Information","abstract":"First of all, CT WG1 thank SA WG3-LI for their LS on SoR mechanism and the information provided. Secondly, CT WG1 would like to inform SA WG3-LI that CT WG1 have analyzed all information provided and decided not to use any message used for authentication procedure to convey the priority list to the roaming UE, and therefore avoiding any lawful interception (LI) incompatibility. Finally, CT WG1 have modified the solution (see attached CR) so that lawful interception (LI) incompatibilities are avoided.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15740,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3LI (SA3LI)","Cc":"SA WG1, SA WG2, SA WG3, TSG SA, CT WG3, TSG CT","lsoriginalls":"C1-182829","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184685.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184686","title":"LS from CT WG1: Reply LS on SoR mechanism","source":"CT WG1","contact":"Lalith Kumar","contact-id":60520,"tdoctype":"LS in","for":"Information","abstract":"CT WG1 thanks SA WG3 for their liaison statements on 'Reply LS on SoR mechanism' (S3-181501\/ C1-182701). CT WG1 has taken into account the SA WG3 feedback and agreed the attached solution.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15750,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, CT WG6","Cc":"SA WG2, CT WG3, SA WG1, SA WG3LI, CT WG4","lsoriginalls":"C1-182830","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184686.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184696","title":"LS from RAN WG2: LS on reporting Integrity check failure for DRB to network","source":"RAN WG2","contact":"Sudeep Palat","contact-id":70099,"tdoctype":"LS in","for":"Information","abstract":"RAN WG2 is discussing integrity protection (IP) for DRBs in Standalone NR. UE can support integrity protection up to 64kb\/s or the max data rate supported by the UE based on UE capability. Integrity check can be activated at PDU session level, that is, for all DRBs within a PDU session in NR. RAN WG2 has already agreed that the UE will discard any received packet which failed DRB integrity verification check. The PDCP SN in the receiver is not updated for this DRB. RAN WG2 discussed whether it is necessary to report to the network when IP check failure is detected at the UE for a user plane packet but could not reach any consensus. IP verification may also fail due to residual error after CRC check and RAN WG2 has not discussed if it is feasible to identify the reason for the IP verification failure. RAN WG2 would like SA WG3's feedback on the following question(s): Question 1: Whether SA WG3 has a requirement for the UE reporting to the network when DRB integrity verification check fa","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15340,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3","Cc":"SA WG2","lsoriginalls":"R2-1806490","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184696.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184699","title":"LS from RAN WG3: Reply LS on User Plane Security Policy","source":"RAN WG3","contact":"Philippe Godin","contact-id":68843,"tdoctype":"LS in","for":"Action","abstract":"RAN WG3 would like to thank SA WG2 for informing on the updates of user plane security policy. RAN WG3 would like to inform SA WG2 that RAN WG3 has implemented the changes corresponding to the user plane security enforcement information received by the NG-RAN node from the SMF as described in the CRs attached by SA WG2. RAN WG3 has agreed the two attached pCR for TS 38.413 and TS 38.423. Action: RAN WG3 kindly ask SA WG2 to take this into account.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15500,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2","Cc":"SA WG3","lsoriginalls":"R3-182437","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184699.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184705","title":"LS from SA WG3: Reply LS to LS on Secured Signalling-only connection","source":"SA WG3","contact":"Suresh Nair","contact-id":70166,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 thanks TSG RAN for the LS (RP-180590\/S3-181121) 'LS on secured Signalling-only connection'. SA WG3 would like to point out that the current 5G AS SMC procedure as described in TS33.501 allows the setup of RRC security without the setup of DRBs. It is up to SA WG2 and RAN WG3 groups to identify the scenarios which need RRC signalling only connection and how to trigger AS security setup. SA WG3 will have to evaluate the security aspects of such scenarios. SA WG3 believes, based on analogy with LTE, that at least MDT reporting and RRC redirect, are scenarios that should not be allowed until after RRC security activation. SA WG3 assumes that all RRC signalling are protected except RRC messages which will be in the exception list in TS38.331. Action: SA WG3 kindly asks TSG RAN, RAN WG3, RAN WG2, SA WG2, WGs to take the above information in to account.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15510,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"TSG RAN, RAN WG3, RAN WG2, SA WG2","Cc":"TSG SA","lsoriginalls":"S3-181451","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184705.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184706","title":"LS from SA WG3: Reply LS to LS on paging with IMMI\/SUCI in 5GS","source":"SA WG3","contact":"Suresh Nair","contact-id":70166,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 thanks CT WG1 for the LS (C1-181791) 'LS on paging with IMSI\/SUCI in 5GS'. SA WG3 discussed the issue of paging the UE with its permanent identifier (in any form IMSI\/SUCI etc) in SA WG3#86 Bis in Busan and decided against it. Recent publications cite paging the UE with its permanent identifier as a security threat of tracking the UE and compromising subscriber privacy. SA WG3 recommends to page the UE only with its temperary identifier 5G-GUTI. Please also note that the current 5G specifications doesnot explicitly prohibit the UE to listen and respond to paging based on the permanent identifier. SA WG3 thinks it is better to explicitly state that UE shall respond to page only using 5G-GUTI in 5G network. Action: SA WG3 kindly asks CT WG1, SA WG2 to take the above information in to account.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15520,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1, SA WG2","Cc":"CT WG4","lsoriginalls":"S3-181452","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184706.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184707","title":"LS from SA WG3: LS on AUSF\/UDM instance selection and SUCI parameters","source":"SA WG3","contact":"Suresh Nair","contact-id":70166,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 had discussion on AUSF\/UDM selection and SUCI parameters and would like to bring the attention of CT WG1, CT WG4 and SA WG2 few points on this. 1) AUSF\/UDM selection: In networks where multiple UDMs are deployed, a parameter in addition to the MNC+MCC is necessary for the selection of the correct UDM instance and routing the authentication request. SA WG3 expects this parameter to be in the clear for the proper routing. SA WG3 would like remind that AUSF\/UDM selection\/routing based on range value in the encrypted MSIN field is not feasible. 2) SUCI parameters: The new encrypted subscription identity SUCI needs special attention from various WGs. SUCI contains fields to represent e.g., Encryption Algorithm\/Curve identifier, Ephemeral Public key, Encrypted MSIN, MSIN MAC etc. For a complete list of parameters please refer to CR S3-181495, TS 33.501 Annex C.3.4. In addition to these fields, MCC, MNC and the UDM instance selection parameter need to be represented. Action: SA WG3 kin","secretary_remarks":"Response drafted in S2-185363. Final response in S2-186257","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15540,"status":"replied to","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1, SA WG2, CT WG4","Cc":"-","lsoriginalls":"S3-181494","lsreply":"S2-186257","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184707.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184708","title":"LS from SA WG3: Reply LS on SoR mechanism","source":"SA WG3","contact":"Rajavelsamy Rajadurai","contact-id":33521,"tdoctype":"LS in","for":"Information","abstract":"SA WG3 thanks CT WG1 for their liaison statements on 'LS on SoR mechanism' (S3-181477\/ C1-182490). As mentioned in the previous LS from SA WG3 (S3-180998\/ C1-182159) on this topic, SA WG3 recommends not to include any SoR signalling in the authentication procedure, so option A is excluded. Therefore, SA WG3 considers that option B (Use of USIM configuration) is more suitable. For option B, SA WG3 recommends to have an explicit indication in the USIM for SoR indication. SA WG3 would like to indicate to CT WG1 that, SA WG3 needs to work further on the security aspects of the CT WG1 agreed SoR mechanism. Therefore, SA WG3 would like to request CT WG1, to update SA WG3 once CT WG1 agrees on the SoR mechanism.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15760,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1","Cc":"CT WG6, SA WG2, CT WG3, SA WG1, SA WG3-LI, CT WG4","lsoriginalls":"S3-181501","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184708.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184709","title":"LS from SA WG3: LS on Not sending SUCI in response to a hash failure","source":"SA WG3","contact":"Adrian Escott","contact-id":24089,"tdoctype":"LS in","for":"Information","abstract":"SA WG3 have observed that it is unnecessary to include the UE identity in the NAS Security Mode Complete message when the check of the hash in the NAS Security Mode Command fails in the UE (see subclause 6.4.6 of TS 33.501). The reason for it being not necessary to send the UE identity is that that the correct UE has already been identified by the AMF if the security set-up between the UE and AMF succeeds. It may be beneficial not to send an identity as the SUCI parameter (when carrying a SUPI protected by a non-NULL scheme) will be significantly larger than a SUPI. Hence it would be efficient not to send it if it is not needed. SA WG3 also recognise that it may introduce additional complexity in defining the signalling to not send the SUCI. This complexity vs efficiency decision is better understood by CT WG1 than SA WG3, so SA WG3 leaves the decision on this to CT WG1. SA WG3 will align TS 33.501 with the decision that CT WG1 takes on sending a UE identity in response to a hash failu","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15530,"status":"noted","reservation_date":"2018-05-04 06:13:10","uploaded":"2018-05-04 06:17:56","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1","Cc":"SA WG2","lsoriginalls":"S3-181545","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184709.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184764","title":"Handling of maximum supported data rate per UE for integrity protection","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 'UE Integrity Protection Maximum Data Rate' added to the UE 5GSM Capability provided at PDU Session Establishment.   Capability for SMF to accept or reject a PDU Session Establishment request based on the 'UE Integrity Protection Maximum Data Rate'.  Provisoning of the 'UE Integrity Protection Maximum Data Rate' to RAN as part of UP setup","secretary_remarks":"Revised in parallel session, merging S2-184948, to S2-186100.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15420,"status":"revised","reservation_date":"2018-05-17 20:17:08","uploaded":"2018-05-22 12:49:04","revisionof":"","revisedto":"S2-186100","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":334.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184764.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184765","title":"Handling of maximum supported data rate per UE for integrity protection","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 'UE Integrity Protection Maximum Data Rate' added to the UE 5GSM Capability provided at PDU Session Establishment.   Capability for SMF to accept or reject a PDU Session Establishment request based on the 'UE Integrity Protection Maximum Data Rate'.  Provisoning of the 'UE Integrity Protection Maximum Data Rate' to RAN as part of UP setup","secretary_remarks":"Revised in parallel session, merging S2-184949, to S2-186101.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15440,"status":"revised","reservation_date":"2018-05-17 20:17:09","uploaded":"2018-05-22 12:49:04","revisionof":"","revisedto":"S2-186101","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":394.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184765.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184771","title":"Nudm service update to support Steering of Roaming","source":"Ericsson, Samsung","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: The use of Nudm_SDM service for the delivery of SoR information from UDM to the UE via the AMF is defined in the registration and subscription update procedures. Appropiate reference to TS 23.122 are provided.   A new operation (Info) is defined within the Nudm_SDM service. SoR information is included in Access and Mobility Subscription Data type. Appropriate references to TS 33.501 are provided regarding the security procedures to protect SoR information.","secretary_remarks":"Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15770,"status":"agreed","reservation_date":"2018-05-17 22:19:50","uploaded":"2018-05-22 01:20:53","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":397.0,"crrevision":"","crcategory":"F","tsg_crp":"SP-180487","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184771.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184772","title":"AUSF\/UDM selection using SUCI","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"discussion","for":"Agreement","abstract":"This paper discusses how AUSF and UDM are selected when SUCI is used and the HN deploys different sets of AUSF\/UDM instances to manage different sets\/ranges of SUPIs.","secretary_remarks":"Not Handled","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15560,"status":"not treated","reservation_date":"2018-05-17 22:19:51","uploaded":"2018-05-22 01:20:53","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184772.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184773","title":"NF Registration via the NRF","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1. It is proposed that the UDM provides Region ID for registration with the NRF. Then there can be a mapping table between the Region ID and IMSI(s). This helps the UDM register without a scalability issue. The same solution can be applicable also for UDR, AUSF.  2) Include GUAMI(s) in the NRF, also include TAI as an optional entry.  [Rev 2]: Proposes combining AUSF Group ID and UDM Group ID into a single parameter i.e. AUSF\/UDM Group Id. Privacy considerations regarding the AUSF\/UDM Group ID as part of the SUCI are included.   Finally, it is proposed to use the AUSF\/UDM Group ID as input for the AUSF\/UDM selection if present within the SUCI when different UDM\/AUSF instances manage specific sets of SUPIs.","secretary_remarks":"Revision of (agreed) S2-183996 from S2#127. Withdrawn in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15600,"status":"withdrawn","reservation_date":"2018-05-17 22:19:51","uploaded":"2018-05-22 01:20:53","revisionof":"S2-183996","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":227.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184773.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184774","title":"NF Discovery via the NRF","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Update the NF Discovery procedure to include SUPI also for UDM, AUSF. Also update relevant and necessary parameters for AMF Discovery.  [Rev 2]: Includes the UDM\/AUSF Group Id as possible output of the UDM\/AUSF discovery procedure. This can be then used as input for the AUSF\/UDM selection when SUCI is used and different UDM\/AUSF instances manage specific sets of SUPIs.","secretary_remarks":"Revision of (agreed) S2-183997 from S2#127. Withdrawn in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15610,"status":"withdrawn","reservation_date":"2018-05-17 22:19:52","uploaded":"2018-05-22 01:20:53","revisionof":"S2-183997","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":263.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184774.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184781","title":"SEPP fully redundant and next-hop IPX proxy","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Adding statement that SEPP can be fully redundant.","secretary_remarks":"Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15710,"status":"agreed","reservation_date":"2018-05-17 22:19:57","uploaded":"2018-05-22 01:20:53","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":339.0,"crrevision":"","crcategory":"F","tsg_crp":"SP-180488","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184781.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184933","title":"NRF Service Operations","source":"Nokia, Nokia Shanghai Bell","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add GUAMI for the case of AMF for appropriate service operations 2) It is proposed to add Group ID for the case of UDM, AUSF, UDR for appropriate service operations 3) If the target NF is UDM or AUSF, the request may include Routing ID that was part of SUCI. This is the case of initial Registration request in which the UE provides only the SUCI and the Routing ID that is in the unencrypted part is used for UDM, AUSF discovery by AUSF, AMF respectively.","secretary_remarks":"Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15620,"status":"agreed","reservation_date":"2018-05-21 01:29:25","uploaded":"2018-05-22 14:18:12","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":419.0,"crrevision":"","crcategory":"F","tsg_crp":"SP-180487","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184933.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184938","title":"UDM-AUSF Discovery","source":"Nokia, Nokia Shanghai Bell, Verizon","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add External Group ID as one option for UDM Discovery e.g. for NEF. 2) It is also proposed to add UDM Group ID and AUSF Group ID for their discovery & selection.","secretary_remarks":"Revised in parallel session, merging S2-185360, to S2-186103.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15630,"status":"revised","reservation_date":"2018-05-21 01:29:29","uploaded":"2018-05-22 14:18:12","revisionof":"","revisedto":"S2-186103","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":422.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184938.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184939","title":"AS Security Setup","source":"Nokia, Nokia Shanghai Bell","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: It is proposed to add AS security setup for Service request. Some considerations on doing it in step 3a versus step 12: 1) Providing the AS security context in step 12 could incur a delay (i.e. steps 4 to 11 have to be executed) if RAN needs to perform RRC release with redirection prior to step 12. 2) In step 3, we have the information necessary to configure AS security context. AMF can also provide HRL (handover restriction list). 3) In step 12, it is sufficient to provide PDU session (UP related) context. Thus it is proposed to provide AS secuirty context in step 3a for Service Request. AMF can also provide HRL at this point. In step 12, PDU session (UP related) context is included, security context is included only if it was not provided earlier.","secretary_remarks":"Revised in parallel session, merging S2-185068, to S2-186110.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15380,"status":"revised","reservation_date":"2018-05-21 01:29:30","uploaded":"2018-05-22 14:18:12","revisionof":"","revisedto":"S2-186110","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":423.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184939.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184947","title":"Discussion on UE capability related to integrity protection of DRBs for signalling of the maximum supported data rate per UE for integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":60610,"tdoctype":"discussion","for":"Decision","abstract":"The paper discusses the UE capability related to integrity protection of DRBs for signalling of the maximum supported data rate per UE for integrity protection.","secretary_remarks":"Not Handled","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15470,"status":"not treated","reservation_date":"2018-05-21 01:45:10","uploaded":"2018-05-22 13:33:13","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184947.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184948","title":"UE capability related to integrity protection of DRBs for signalling of the maximum supported data rate per UE for integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":60610,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: In order to align with RAN WG2 decisions, the UE provides the maximum supported data rate for integrity protection in NAS MM signalling to the AMF (the Registration procedure is suggested) as part of the UE MM capabilities. The AMF provides such information to the RAN when a UE context is established in the RAN.  When the SMF requests the activation of UP integrity protection for a PDU session, the RAN enforces, based on RAN specific mechanisms, the maximum supported data rate for integrity protection for the UE, and may reject the PDU session establishment.","secretary_remarks":"Merged into S2-186100","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15480,"status":"merged","reservation_date":"2018-05-21 01:47:43","uploaded":"2018-05-22 13:33:13","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":374.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184948.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184949","title":"UE capability related to integrity protection of DRBs for signalling of the maximum supported data rate per UE for integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":60610,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: In order to align with RAN WG2 decisions, the UE provides the maximum supported data rate for integrity protection in NAS MM signalling to the AMF (the Registration procedure is suggested) as part of the UE MM capabilities. The AMF provides such information to the RAN when a UE context is established in the RAN.  When the SMF requests the activation of UP integrity protection for a PDU session, the RAN enforces, based on RAN specific mechanisms, the maximum supported data rate for integrity protection for the UE, and may reject the PDU session establishment.","secretary_remarks":"Merged into S2-186101","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15490,"status":"merged","reservation_date":"2018-05-21 01:49:41","uploaded":"2018-05-22 13:33:13","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":424.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184949.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-184955","title":"UDM-AUSF Discovery","source":"Nokia, Nokia Shanghai Bell, Verizon","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add External Group ID as one option for UDM Discovery e.g. for NEF. 2) It is also proposed to add Routing ID part of SUCI for UDM\/AUSF discovery & selection.","secretary_remarks":"Revised in parallel session, merging S2-185347 and S2-185251, to S2-186102.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15570,"status":"revised","reservation_date":"2018-05-21 02:43:44","uploaded":"2018-05-22 14:18:12","revisionof":"","revisedto":"S2-186102","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":375.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-184955.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185147","title":"SEPP Flow","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Flow for the signalling between an NF in VPMN via vSEPP and hSEPP to NF in hPMN is included in the specification.","secretary_remarks":"Revised to S2-185490.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15800,"status":"revised","reservation_date":"2018-05-21 20:50:29","uploaded":"2018-05-22 01:22:52","revisionof":"","revisedto":"S2-185490","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":462.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185147.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185251","title":"Update to UDM discovery","source":"CATT","contact":"Hucheng Wang","contact-id":56627,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1. Clarifying that the unencrypted routing assistance information within the SUCI should be used to discover a UDM in HPLMN. 2. Clarifying that the SUCI can be used for UDM discovery.","secretary_remarks":"Merged into S2-186102","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15670,"status":"merged","reservation_date":"2018-05-22 05:29:43","uploaded":"2018-05-22 06:25:08","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":421.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185251.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185347","title":"Updates to clause 6.3.8 UDM discovery function","source":"NEC","contact":"Kundan Tiwari","contact-id":75778,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Updated clause 6.3.8 UDM discovery function with SUPI range indicator as the UDM routing\/discovery information.","secretary_remarks":"Merged into S2-186102","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15650,"status":"merged","reservation_date":"2018-05-22 09:38:21","uploaded":"2018-05-22 10:52:00","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":432.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185347.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185360","title":"Changes to usage of SUPI as NF instance(s) service discovery information","source":"NEC","contact":"Kundan Tiwari","contact-id":75778,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Clause 4.17.4 NF\/NF service discovery in the same PLMN and clause 5.2.7.3.2 Nnrf_NFDiscovery service operation are updated to include SUPI range indicator as an NF instance discovery information as an alternative to SUPI.","secretary_remarks":"Merged into S2-186103","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15660,"status":"merged","reservation_date":"2018-05-22 09:43:04","uploaded":"2018-05-22 10:52:00","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":485.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185360.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185363","title":"Reply LS to 'LS on AUSF\/UDM instance selection and SUCI parameters'","source":"NEC Europe Ltd","contact":"Kundan Tiwari","contact-id":75778,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3, CT WG1, CT WG4","secretary_remarks":"Response to S2-184707. Revised in parallel session to S2-186104.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15680,"status":"revised","reservation_date":"2018-05-22 09:47:15","uploaded":"2018-05-22 10:52:00","revisionof":"","revisedto":"S2-186104","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, CT WG1, CT WG4","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185363.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185465","title":"Correction on the authentication supported via non-3GPP access","source":"Orange","contact":"Xiaofeng Huang","contact-id":34683,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) Fix the introductory text in clauses 4.12.2.1 and 4.12.2.2 to clarify that both 5G-AKA and EAP-AKA' are supported. 2) Remove the note which indicates that only EAP-AKA' is supported for the authentication of UE via non-3GPP access","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15720,"status":"noted","reservation_date":"2018-05-22 13:48:58","uploaded":"2018-05-22 14:47:34","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":504.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185465.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185481","title":"LS from SA WG3: Reply LS on UE capability related to integrity protection of DRBs","source":"SA WG3","contact":"Anand Palanigounder","contact-id":26706,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 thanks SA WG2 and RAN WG2 for their LS on UE capability related to integrity protection of DRBs. It is SA WG3 view that the maximum supported data rate per UE for integrity protection of DRBs parameter shall at least be integrity protected to protect against bidding down attacks. It is also SA WG3 preference that this parameter is confidentiality protected. The use of NAS for signalling this parameter ensures that such protections are always provided. On the other hand, if AS signalling is used, then such protections can only be guaranteed if the NG-RAN only request the UE capability after AS security is activated (i.e., after AS Security Mode Command is performed). It is SA WG3 understanding that NG-RAN can perform UE capability query before AS security is activated. Therefore, SA WG3 recommends the use of NAS signalling to send this parameter to the serving network in Release 15. Action: SA WG2 and RAN WG2 are kindly requested to take the above information into account.","secretary_remarks":"Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15830,"status":"postponed","reservation_date":"2018-05-23 05:42:42","uploaded":"2018-05-23 05:43:19","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, RAN WG2","Cc":"RAN WG3, CT WG1","lsoriginalls":"S3-181930","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185481.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185482","title":"LS from SA WG3: LS response on Initial NAS message protection","source":"SA WG3","contact":"Adrian Escott","contact-id":24089,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 thanks SA WG2 for their reply LS on Initial NAS message protection (S3-181627\/S2-184510). In their LS, SA WG2 ask SA WG3 the following questions: Question 1: in the initial NAS message protection solution proposed by SA WG3, are the parameters that need to be ciphered always sent once the full security context has been established between the UE and the network? Question 2: what procedures besides Registration does SA WG3 expect the initial NAS message protection solution should apply? SA WG3 would like to provide the following responses to the questions: Response to Question 1: the parameters that need to be ciphered are sent once the UE has a full security context via NAS Security Mode Complete message or partially ciphered in the initial NAS message. The parameters that need to be ciphered are sent in the initial NAS message if the UE has a full security context when it sends the message. The parameters that need to be ciphered are only sent in the NAS Security Mode Complete","secretary_remarks":"Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15840,"status":"postponed","reservation_date":"2018-05-23 05:42:42","uploaded":"2018-05-23 05:43:19","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, CT WG1","Cc":"-","lsoriginalls":"S3-181933","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185482.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185486","title":"LS from SA WG3: LS on TLS and inter PLMN routing","source":"SA WG3","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 would like to inform SA WG2 and CT WG4 about an issue with TLS termination and inter-PLMN routing and provide SA WG3's solution recommendation. According to TS 33.501, clause 13.1, transport security inside one PLMN is based on TLS. For service invocation between different PLMNs, the SEPP needs to terminate TLS in order to modify requests and responses. However, according to TS 29.500, clause 6.1.4.3, the FQDN in the Request URL contains the FQDN of the remote PLMN. With the current agreements in TS 33.501 and TS 29.500, in order to terminate TLS, the SEPP needs to provide a certificate on behalf of the remote PLMN. 'Solution #8: Inter PLMN routing and TLS: Solution Options' in the attached S3-181957 describes three different solution options for the problem. SA WG3 prefers the option described in 4.3.8.3: 'Using local SEPP FQDN in request URL'. With this solution option, the request URL would point to the next hop instead of the final target and the real target FQDN used for ro","secretary_remarks":"Response drafted in S2-185489. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15790,"status":"postponed","reservation_date":"2018-05-24 06:48:45","uploaded":"2018-05-24 06:49:30","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, CT WG4","Cc":"","lsoriginalls":"S3-181956","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185486.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185487","title":"LS from SA WG3: Reply LS on reporting Integrity check failure for DRB to network from RAN WG2","source":"SA WG3","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Information","abstract":"SA WG3 thanks RAN WG2 for their LS on integrity protection (IP) for DRBs in Standalone NR. SA WG3 discussed the questions and would like to provide the following answer. RAN WG2 Question 1: Whether SA WG3 has a requirement for the UE reporting to the network when DRB integrity verification check failures are detected? SA WG3 Answer 1: In Rel-15, SA WG3 has no security requirement for the UE to report DRB IP verification failures. SA WG3 will study this issue to determine whether such reporting is useful.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15780,"status":"noted","reservation_date":"2018-05-24 06:48:45","uploaded":"2018-05-24 06:49:30","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"RAN WG2","Cc":"SA WG2","lsoriginalls":"S3-181998","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185487.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185489","title":"[DRAFT] Reply LS on TLS and inter PLMN routing","source":"Ericsson","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3, CT WG4","secretary_remarks":"LATE DOC: Response to S2-185486. Not Handled","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15820,"status":"not treated","reservation_date":"2018-05-27 13:46:14","uploaded":"2018-05-31 17:57:54","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, CT WG4","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185489.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185490","title":"SEPP Flow","source":"Ericsson","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Flow for the signalling between an NF in VPMN via vSEPP and hSEPP to NF in hPMN is included in the specification.","secretary_remarks":"Revision of S2-185147. LATE DOC: Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15810,"status":"noted","reservation_date":"2018-05-27 13:46:14","uploaded":"2018-05-31 17:57:54","revisionof":"S2-185147","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":462.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185490.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185491","title":"LS from CT WG1: Reply LS on initial NAS message protection","source":"CT WG1","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Action","abstract":"CT WG1 thanks SA WG2 and SA WG3 for their LS on initial NAS message protection. CT WG1 has discussed the initial NAS message protection defined in SA WG3 TS TS 33.501 v15.0.0 subclause 6.4.6 and would like to provide below information. Based on SA WG2's LS response, the following IEs were identified by SA WG2 to be sent in the clear: (UE identity, Requested NSSAI, Last registered TAI, UE security information, Additional GUTI, indication that the UE is moving from EPC (called 'UE status' in CT WG1). CT WG1 identified NAS protocol impacts on both UE and network side, which CT WG1 has not fully analysed as CT WG1 is not aware of the reasons behind this enhancement. Hence CT WG1 like to understand justification for the work for this enhancement and would ask below questions: Question#1 to SA WG3: What are technical problems resolved by this SA WG3 feature and what real benefits gained from this SA WG3 feature given the identified cleartext IEs? CT WG1 would also like to understand the crit","secretary_remarks":"Response drafted in S2-185986. This was Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15850,"status":"postponed","reservation_date":"2018-05-27 13:46:17","uploaded":"2018-05-27 13:57:53","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, SA WG3","Cc":"","lsoriginalls":"C1-183727","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185491.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185497","title":"LS from CT WG4: Reply LS on AUSF\/UDM instance selection and SUCI parameters","source":"CT WG4","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Action","abstract":"CT WG4 would like to thank SA WG3 for the LS on AUSF\/UDM instance selection and SUCI parameters. CT WG4 has taken into account of the attention brought by SA WG3 and agreed the attached structure of SUCI. Also, CT WG4 has realized that CT WG6 is involved to define some data provisioned in USIM. Then this LS is also sent to CT WG6. Action: CT WG4 kindly asks SA WG3, SA WG2, CT WG1 and CT WG6 to take the above information into account in their work.","secretary_remarks":"Related contributions were reviewed. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15550,"status":"postponed","reservation_date":"2018-05-27 13:46:18","uploaded":"2018-05-27 13:57:54","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, SA WG2, CT WG1, CT WG6","Cc":"","lsoriginalls":"C4-184576","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185497.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185498","title":"LS from CT WG4: LS OUT on TLS and inter PLMN routing","source":"CT WG4","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Information","abstract":"CT WG4 thanks SA WG3 for their LS on TLS and inter PLMN routing. CT WG4 had an initial discussion on the LS and would like to provide the following initial feedback. 1. The solution option 'Using local SEPP FQDN in request URL', would mean CT WG4 has to invent an application level message routing mechanism outside of standard HTTP routing as specified in IETF RFC 7230. CT WG4 would like to consider this solution only as a last resort if no other solution is possible. 2. CT WG4 noticed that in the attached SA WG3 document in S3-181957, for the solution '4.3.8.2 TLS tunnel or VPN from NF to SEPP', there is a disadvantage mentioned 'Would not work if QUIC is introduced in a future release.' CT WG4 would do further analysis on QUIC as part of a Study Item agreed for Rel-16 timeframe, and CT WG4 kindly asks SA WG3 to provide further information on the exact issues foreseen by SA WG3 in relation to QUIC. CT WG4 will further analyze the impact to CT WG4 specifications and HTTP routing and wou","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15350,"status":"noted","reservation_date":"2018-05-27 13:46:18","uploaded":"2018-05-27 13:57:54","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3","Cc":"SA WG2","lsoriginalls":"C4-184612","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185498.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185509","title":"LS from SA WG3: LS response on Initial NAS message protection","source":"SA WG3","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Information","abstract":"SA WG3 thanks CT WG1 for their reply LS on Initial NAS message protection (C1-183727\/ S3-182086). In their LS, CT WG1 ask SA WG3 the following questions: Question#1 to SA WG3: What are technical problems resolved by this SA WG3 feature and what real benefits gained from this SA WG3 feature given the identified cleartext IEs? Question#2 to SA WG2, SA WG3: What are the criteria determining which IEs should be ciphered or be sent in the clear? Question#3 to SA WG3: Whether initial NAS message protection is mandatory or optional for the UE and\/or the network? Question#4 to SA WG3: Which UE security related IEs should be sent in the clear? SA WG3 would like to provide the following responses to the questions: Response to Question 1: one of the major goals of the 5GS security is to enhance the security compared to 4G. To minimize the risk that an attacker may misuse the IEs sent in the clear in the initial NAS message(s), SA WG3 decided to confidentiality protect (i.e., cipher) all the IEs t","secretary_remarks":"Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15870,"status":"postponed","reservation_date":"2018-05-27 13:46:18","uploaded":"2018-05-27 13:57:54","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1","Cc":"SA WG2","lsoriginalls":"S3-182087","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185509.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-185986","title":"[DRAFT] Reply LS on initial NAS message protection","source":"SA WG2","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS out","for":"Approval","abstract":"To: CT WG1. CC: SA WG3","secretary_remarks":"Created at meeting. Response to S2-185491. Not Handled","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15860,"status":"not treated","reservation_date":"2018-05-29 21:08:13","uploaded":"2018-06-02 18:27:54","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1","Cc":"SA WG3","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-185986.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186078","title":"Analysis of UDM Routing information in SUCI","source":"NEC, Nokia, Ericsson","contact":"Kundan Tiwari","contact-id":66053,"tdoctype":"discussion","for":"Discussion","abstract":"-","secretary_remarks":"Created at meeting. Not Handled","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15880,"status":"not treated","reservation_date":"2018-05-31 18:43:01","uploaded":"2018-06-02 18:27:54","revisionof":"","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186078.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186100","title":"Handling of maximum supported data rate per UE for integrity protection","source":"Ericsson, Qualcomm Incorporated","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 'UE Integrity Protection Maximum Data Rate' added to the UE 5GSM Capability provided at PDU Session Establishment.   Capability for SMF to accept or reject a PDU Session Establishment request based on the 'UE Integrity Protection Maximum Data Rate'.  Provisoning of the 'UE Integrity Protection Maximum Data Rate' to RAN as part of UP setup","secretary_remarks":"Revision of S2-184764, merging S2-184948. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15430,"status":"agreed","reservation_date":"2018-05-31 14:23:21","uploaded":"2018-06-02 18:27:54","revisionof":"S2-184764","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":334.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"SP-180485","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186100.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186101","title":"Handling of maximum supported data rate per UE for integrity protection","source":"Ericsson, Qualcomm Incorporated","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 'UE Integrity Protection Maximum Data Rate' added to the UE 5GSM Capability provided at PDU Session Establishment.   Capability for SMF to accept or reject a PDU Session Establishment request based on the 'UE Integrity Protection Maximum Data Rate'.  Provisoning of the 'UE Integrity Protection Maximum Data Rate' to RAN as part of UP setup","secretary_remarks":"Revision of S2-184765, merging S2-184949. Revised in parallel session to S2-186256.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15450,"status":"revised","reservation_date":"2018-05-31 14:23:22","uploaded":"2018-06-02 18:27:54","revisionof":"S2-184765","revisedto":"S2-186256","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":394.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186101.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186102","title":"UDM-AUSF Discovery","source":"Nokia, Nokia Shanghai Bell, Verizon, NEC, CATT, Ericsson","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add External Group ID as one option for UDM Discovery e.g. for NEF. 2) It is also proposed to add Routing ID part of SUCI for UDM\/AUSF discovery & selection.","secretary_remarks":"Revision of S2-184955, merging S2-185347 and S2-185251. Revised in parallel session to S2-186105.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15580,"status":"revised","reservation_date":"2018-05-31 14:23:23","uploaded":"2018-06-02 18:27:54","revisionof":"S2-184955","revisedto":"S2-186105","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":375.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186102.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186103","title":"UDM-AUSF Discovery","source":"Nokia, Nokia Shanghai Bell, Verizon, NEC, CATT, Ericsson","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add External Group ID as one option for UDM Discovery e.g. for NEF. 2) It is also proposed to add UDM Group ID and AUSF Group ID for their discovery & selection.","secretary_remarks":"Revision of S2-184938, merging S2-185360. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15640,"status":"agreed","reservation_date":"2018-05-31 14:26:01","uploaded":"2018-06-02 18:27:54","revisionof":"S2-184938","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":422.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"SP-180490","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186103.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186104","title":"Reply LS to 'LS on AUSF\/UDM instance selection and SUCI parameters'","source":"SA WG2","contact":"Kundan Tiwari","contact-id":75778,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3, CT WG1, CT WG4","secretary_remarks":"Revision of S2-185363. Revised in parallel session to S2-186257.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15690,"status":"revised","reservation_date":"2018-05-31 14:26:02","uploaded":"2018-06-02 18:27:54","revisionof":"S2-185363","revisedto":"S2-186257","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, CT WG1, CT WG4","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186104.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186105","title":"UDM-AUSF Discovery","source":"Nokia, Nokia Shanghai Bell, Verizon, NEC, CATT, Ericsson","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 1) It is proposed to add External Group ID as one option for UDM Discovery e.g. for NEF. 2) It is also proposed to add Routing ID part of SUCI for UDM\/AUSF discovery & selection.","secretary_remarks":"Revision of S2-186102. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15590,"status":"agreed","reservation_date":"2018-05-31 14:26:02","uploaded":"2018-06-02 18:27:54","revisionof":"S2-186102","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":375.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"SP-180490","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186105.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186110","title":"AS Security Setup","source":"Nokia, Nokia Shanghai Bell","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: It is proposed to add AS security setup for Service request. Some considerations on doing it in step 3a versus step 12: 1) Providing the AS security context in step 12 could incur a delay (i.e. steps 4 to 11 have to be executed) if RAN needs to perform RRC release with redirection prior to step 12. 2) In step 3, we have the information necessary to configure AS security context. AMF can also provide HRL (handover restriction list). 3) In step 12, it is sufficient to provide PDU session (UP related) context. Thus it is proposed to provide AS secuirty context in step 3a for Service Request. AMF can also provide HRL at this point. In step 12, PDU session (UP related) context is included, security context is included only if it was not provided earlier.","secretary_remarks":"Revision of S2-184939, merging S2-185068. Revised in parallel session to S2-186255.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15390,"status":"revised","reservation_date":"2018-05-31 14:31:13","uploaded":"2018-06-02 18:27:54","revisionof":"S2-184939","revisedto":"S2-186255","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":423.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186110.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186255","title":"AS Security Setup","source":"Nokia, Nokia Shanghai Bell, Qualcomm","contact":"Devaki Chandramouli","contact-id":68275,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: It is proposed to add AS security setup for Service request. Some considerations on doing it in step 3a versus step 12: 1) Providing the AS security context in step 12 could incur a delay (i.e. steps 4 to 11 have to be executed) if RAN needs to perform RRC release with redirection prior to step 12. 2) In step 3, we have the information necessary to configure AS security context. AMF can also provide HRL (handover restriction list). 3) In step 12, it is sufficient to provide PDU session (UP related) context. Thus it is proposed to provide AS secuirty context in step 3a for Service Request. AMF can also provide HRL at this point. In step 12, PDU session (UP related) context is included, security context is included only if it was not provided earlier.","secretary_remarks":"Revision of S2-186110. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15400,"status":"agreed","reservation_date":"2018-06-02 16:43:12","uploaded":"2018-06-02 18:27:55","revisionof":"S2-186110","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":423.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"SP-180479","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186255.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186256","title":"Handling of maximum supported data rate per UE for integrity protection","source":"Ericsson, Qualcomm Incorporated","contact":"Shabnam Sultana","contact-id":21207,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: 'UE Integrity Protection Maximum Data Rate' added to the UE 5GSM Capability provided at PDU Session Establishment.   Capability for SMF to accept or reject a PDU Session Establishment request based on the 'UE Integrity Protection Maximum Data Rate'.  Provisoning of the 'UE Integrity Protection Maximum Data Rate' to RAN as part of UP setup","secretary_remarks":"Revision of S2-186101. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15460,"status":"agreed","reservation_date":"2018-06-02 16:43:13","uploaded":"2018-06-02 18:27:55","revisionof":"S2-186101","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.1.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":394.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"SP-180485","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186256.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-186257","title":"Reply LS to 'LS on AUSF\/UDM instance selection and SUCI parameters'","source":"SA WG2","contact":"Kundan Tiwari","contact-id":75778,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3, CT WG1, CT WG4","secretary_remarks":"Revision of S2-186104. Agreed in parallel session. Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":15700,"status":"approved","reservation_date":"2018-06-02 16:43:14","uploaded":"2018-06-02 18:27:55","revisionof":"S2-186104","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"S2-184707","lsto":"SA WG3, CT WG1, CT WG4","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_127BIS_Newport_Beach\/Docs\/S2-186257.zip","group":"S2","meeting":"S2-127","year":2018,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0}]