M.1 General

33.2203GPPGeneric Authentication Architecture (GAA)Generic Bootstrapping Architecture (GBA)TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

This annex specifies the use of SIP Digest credentials, as defined in TS 33.203 [16], for GBA. The procedure specified in this annex is called GBA_Digest. GBA_Digest allows access to applications in a more secure way than would be possible with the use of password-based HTTP Digest as specified in RFC 7235 [61] and RFC 7616 [62] without enhancements. It may be useful for environments where a UICC, or a SIM card, is not available to subscribers. The use of GBA_ Digest is restricted to such environments.

Clauses 4 and 5 of the present document do not apply to this Annex unless explicitly stated.

NOTE 1: The use of the term ‘UE’ in this Annex is in line with the use of the term ‘UE’ in TS 33.203 [16], Annex N (on SIP Digest), but differs from that in other 3GPP specifications in that it assumes that a UICC is not available to subscribers in the UE.

NOTE 2: The use of MD5 in HTTP Digest is not recommended and only supported for interoperability.