M.7 TLS Profile

33.2203GPPGeneric Authentication Architecture (GAA)Generic Bootstrapping Architecture (GBA)TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

M.7.1 General

The UE and the BSF shall support TLS according to the TLS profile given in TS 33.310 [19], Annex E.

The certificates shall comply with the requirements for TLS certificates in clause 6.1 of TS 33.310 [19].

Support of certificate revocation and of the related fields in certificates is optional. If supported, the certificate and CRL profiles in clauses 6.1 and 6.1a of TS 33.310 [19] should be followed.

NOTE 1: The management of Root Certificates is out of scope of the present document.

NOTE 2: If no revocation of certificates is deployed, it should be noted, however, that choosing short lifetimes for BSF certificates may considerably reduce the risk, in case BSF certificates may ever be compromised.

M.7.2 Authentication of the BSF

The Client shall authenticate the BSF by use of a server certificate. If the BSF also supports 2G GBA under the same BSF address (cf. TS 23.003 [11]) it is recommended that this certificate be the same as the one used for BSF authentication in 2G GBA, cf. clause I.6.2. The client shall match the server name as specified in RFC 2818 [18], section 3.1.

NOTE: If the BSF addresses derived for the 2G GBA case and the GBA_Digest case differ, but the BSF is the same, then the operator can issue a BSF certificate with two server names or with a wildcard server name to ensure the client check of the server name works correctly, or the operator can issue two different BSF certificates.

The terminal shall use a preconfigured list of trusted root certificates for GBA_Digest BSF server certificate validation. It is recommended that this list be the same as the one used for 2G GBA BSF server certificate validation, cf. clause I.6.2. BSF server certificate validation shall not require manual user interaction.

M.7.3 Authentication of the UE

The BSF shall not request a certificate in a Server Hello Message from the UE. The BSF shall authenticate the UE as specified in clause M.6.3.

M.7.4 Set-up of Security parameters

The TLS Handshake Protocol negotiates a session, which is identified by a Session ID. The Client and the BSF shall allow for resuming a session. The lifetime of a Session ID is subject to local policies of the UE and the BSF.