B.2 General

3GPP TS 24.547, Identity management - Service Enabler Architecture Layer for Verticals (SEAL); Protocol specification, Release 17

When the VAL UE is authenticating directly to the SEAL/VAL server without proxies, then the DTLS profile of ACE-OAUTH [20] may be used. In order to authorize clients and protect communication across proxies, the OSCORE profile of ACE-OAUTH [21] shall be used.

The client shall support UDP transport defined in IETF RFC 7252 [17] and should support TCP transport defined in IETF RFC 8323 [18]:

a) when UDP transport and OSCORE profile of ACE-OAUTH [21] are used, datagram transport layer security (DTLS) may be used;

b) when TCP transport and OSCORE profile of ACE-OAUTH [21] are used, transport layer security (TLS) may be used;

c) when UDP transport and DTLS profile of ACE-OAUTH [20] are used, datagram transport layer security (DTLS) shall be used; and

d) when TCP transport and DTLS profile of ACE-OAUTH [20] are used, transport layer security (TLS) shall be used.
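The following added example (not part of the specification) checks a client configuration against the rules above: the proxy rule, the transport support requirements and items a) to d). The `ClientConfig` structure, its field names and the sample configurations are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

LAYER = {"udp": "DTLS", "tcp": "TLS"}  # security layer per CoAP transport

@dataclass(frozen=True)
class ClientConfig:            # hypothetical shape, not defined by the spec
    supported: frozenset       # transports the client implements
    transport: str             # "udp" or "tcp", chosen for this session
    ace_profile: str           # "dtls" = profile [20], "oscore" = profile [21]
    via_proxy: bool            # a proxy sits between VAL UE and server
    secure_transport: bool     # DTLS (UDP) or TLS (TCP) is enabled

def check(cfg):
    """Return (severity, message) findings; no 'error' means B.2 is met."""
    out = []
    if cfg.transport not in LAYER or cfg.ace_profile not in ("dtls", "oscore"):
        return [("error", "unknown transport or ACE-OAuth profile")]
    if "udp" not in cfg.supported:
        out.append(("error", "client shall support UDP transport"))
    if "tcp" not in cfg.supported:
        out.append(("warning", "client should support TCP transport"))
    if cfg.transport not in cfg.supported:
        # Sanity check added by this example, not a rule from the text.
        out.append(("error", "selected transport is not supported"))
    if cfg.via_proxy and cfg.ace_profile != "oscore":
        out.append(("error", "OSCORE profile shall be used across proxies"))
    if cfg.ace_profile == "dtls" and not cfg.secure_transport:
        layer = LAYER[cfg.transport]
        out.append(("error", f"{layer} shall be used with the DTLS profile"))
    # OSCORE profile: DTLS/TLS underneath is optional ("may"), so no finding.
    return out

def errors(cfg):
    """Only the findings that violate a 'shall' requirement."""
    return [msg for sev, msg in check(cfg) if sev == "error"]

BOTH = frozenset({"udp", "tcp"})
SAMPLES = {  # constructed sample configurations
    "direct_dtls": ClientConfig(BOTH, "udp", "dtls", False, True),
    "proxied_oscore_plain": ClientConfig(BOTH, "tcp", "oscore", True, False),
    "proxied_dtls": ClientConfig(BOTH, "udp", "dtls", True, True),
    "dtls_profile_no_tls": ClientConfig(BOTH, "tcp", "dtls", False, False),
    "tcp_only": ClientConfig(frozenset({"tcp"}), "tcp", "oscore", False, True),
}

if __name__ == "__main__":
    for name, cfg in SAMPLES.items():
        print(name, check(cfg) or "ok")
```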

The Proof-of-Possession token type is used with ACE-OAUTH [19].