N.3 SBI Capable NF Discovery and Selection
33.2203GPPGeneric Authentication Architecture (GAA)Generic Bootstrapping Architecture (GBA)TS
N.3.1 General
During the GBA procedures SBI capable network functions such as the BSF and NAF need to discover and select other SBI capable network functions such as the HSS or the UDM and the BSF respectively.
If there is no HSS or if the HSS does not support the N65 and Zh reference points within the GBA architecture, then the BSF shall be configured to discover and use SBA services of a UDM.
N.3.2 SBI Capable HSS Discovery and Selection
An SBI capable BSF performs discovery and selection of an SBI capable HSS. The SBI capable BSF shall utilize the NRF to discover an SBI capable HSS unless the information about SBI capable HSS instance(s) is available by other means, e.g. locally configured on the SBI capable BSF. The HSS selection function in SBI capable BSF entities selects an SBI capable HSS instance based on the available SBI capable HSS instances (obtained from the NRF or locally configured).
An SBI capable BSF always selects an SBI capable HSS within its own PLMN. The HSS selection should consider one of the following factors when available to the SBI capable BSF:
1. HSS Group ID of the UE’s user identity (IMSI/IMPI or MSISDN/IMPU).
2. IMSI/IMPI; e.g. the SBI capable BSF selects an SBI capable HSS instance based on the IMSI/IMPI range the UE’s IMSI/IMPI belongs to, configured locally or based on the results of a discovery procedure with NRF using the UE’s IMSI/IMPI as input for HSS discovery.
3. MSISDN/IMPU; e.g. the SBI capable BSF selects an SBI capable HSS instance based on the MSISDN/IMPU range the UE’s IMSI/IMPU belongs to, configured locally or based on the results of a discovery procedure with NRF using the UE’s MSISDN/IMPU as input for HSS discovery.
Unless the information about the interface type to be used towards HSS is locally configured on the SBI capable BSF, an SBI capable BSF can also use the NRF to decide the type of interface (SBI vs diameter) to be used towards HSS similarly as defined for SBI capable IMS entities in TS 23.228 [65]. For this purpose, an SBI capable BSF can send a Nnrf_NFDiscovery_Request to NRF as defined in TS 23.502 [64] to discover SBI capable HSS instances within a given PLMN. The SBI capable BSF may store all returned SBI capable HSS instances and their NF profiles for subsequent use, including, if applicable, supported IMSI/IMPI and/or MSISDN/IMPU ranges, and/or HSS Group IDs. If no SBI capable HSS instance is available in the PLMN, then the NRF replies to the SBI capable BSF with no information. In this case, the SBI capable BSF may then attempt to communicate with the HSS using legacy GBA protocols.
N.3.3 SBI Capable BSF Discovery and Selection
An SBI capable NAF performs discovery and selection of an SBI capable BSF. The SBI capable NAF shall utilize the NRF to discover an SBI capable BSF unless the information about SBI capable BSF instance(s) is available by other means, e.g. locally configured on the SBI capable NAF. The BSF selection function in SBI capable NAF entities selects an SBI capable BSF instance based on the available SBI capable BSF instances (obtained from the NRF or locally configured).
The BSF selection in an SBI capable NAF shall consider the BSF server name included in the B-TID provided by the UE.
Unless the information about the interface type to be used towards the BSF is locally configured on the SBI capable NAF, an SBI capable NAF can also use the NRF to decide the type of interface (SBI vs diameter) to be used towards BSF. For this purpose, an SBI capable NAF can send a Nnrf_NFDiscovery_Request to NRF as defined in TS 23.502 [64] to discover SBI capable BSF instances within a given PLMN. The SBI capable NAF may store all returned SBI capable BSF instances and their NF profiles for subsequent use. If no SBI capable BSF instance is available in the PLMN, then the NRF replies to the SBI capable NAF with no information. In this case, the SBI capable NAF may then attempt to communicate with the BSF using legacy GBA protocols.
An SBI capable NAF in a PLMN can serve both as an HPLMN NAF for non-roaming UEs or a VPLMN NAF for roaming UEs.
Unless the information about the network function (BSF or Zn-Proxy) to be used is locally configured on the SBI capable NAF, the SBI capable NAF shall use the BSF server name in the B-TID to determine if the requested BSF is in the same PLMN or a different one. If the requested BSF is in a different PLMN the SBI capable NAF shall use the legacy Zn interface towards the Zn-Proxy. Otherwise the SBI capable NAF uses the procedures specified earlier in this clause.
N.3.4 UDM Discovery and Selection
See 3GPP TS 23.501 [66] clause 6.3.8.
Annex O (informative):
Change history
|
Change history |
|||||||||
|
Date |
TSG # |
TSG Doc. |
CR |
Rev |
Cat |
Subject/Comment |
Old |
New |
WI |
|
2004-03 |
SP-23 |
SP-040175 |
– |
– |
D |
Presented for approval at TSG SA #23 |
1.2.1 |
2.0.0 |
|
|
2004-03 |
SP-23 |
– |
– |
– |
F |
Approved and placed under Change Control (Rel-6) |
2.0.0 |
6.0.0 |
|
|
2004-06 |
SP-24 |
SP-040375 |
001 |
– |
F |
Removal of Annex A |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040376 |
002 |
– |
B |
NAF remove the security associations |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040377 |
003 |
1 |
D |
Removal of editors notes on Transaction Identifiers |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040378 |
004 |
1 |
B |
Introduction of a UICC-based Generic Bootstrapping Architecture |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040379 |
005 |
– |
D |
Editorial corrections to TS 33.220 |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040380 |
006 |
– |
C |
Support for NAF in visited network |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040381 |
007 |
– |
C |
Editorial changes and clarifications to TS 33.220 |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040382 |
008 |
– |
F |
Multiple key derivation mandatory |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-06 |
SP-24 |
SP-040383 |
009 |
– |
C |
NAF’s public hostname verification |
6.0.0 |
6.1.0 |
SEC1–SC |
|
2004-09 |
SP-25 |
SP-040619 |
010 |
– |
C |
Detailing of key lifetime |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
011 |
– |
C |
Details of USIM/ISIM usage in GAA |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
012 |
– |
C |
Generic Ua interface requirements |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
013 |
– |
F |
B-TID generation |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
014 |
– |
B |
Securing Zn reference point |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
015 |
– |
D |
GBA User Security Settings |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
016 |
– |
C |
Creation of GBA_U AV in the BSF |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-09 |
SP-25 |
SP-040619 |
017 |
– |
F |
Clarification of the definition of a default type of NAF-specific key |
6.1.0 |
6.2.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
018 |
1 |
C |
BSF discovery using default domain method |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
019 |
1 |
C |
Local validity condition set by NAF |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
020 |
3 |
C |
GBA User Security Settings (GUSS) usage in GAA and Introduction of NAF groups |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
021 |
2 |
C |
Details of USIM/ISIM selection in GAA |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
023 |
– |
B |
TLS profile for securing Zn’ reference point |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
025 |
2 |
F |
Optimization of the GBA_U key derivation procedure |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
027 |
2 |
F |
Requirement on ME capabilities for GBA_U |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
034 |
1 |
D |
Adding a note about replay protection |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
035 |
1 |
C |
Complete the MAC modification for GBA_U |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
036 |
1 |
F |
Removal of unnecessary editor’s notes |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
038 |
1 |
C |
Fetching of one AV only on each Zh run between BSF and HSS |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
039 |
1 |
B |
Clean up of TS 33.220 |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
040 |
1 |
F |
New key management for ME based GBA keys |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
041 |
1 |
C |
Key derivation function |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
042 |
1 |
D |
Re-negotation of keys |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2004-12 |
SP-26 |
SP-040855 |
043 |
1 |
C |
No GUSS/USS update procedures in Release-6 |
6.2.0 |
6.3.0 |
GBA-SSC |
|
2004-12 |
SP-26 |
SP-040855 |
044 |
1 |
C |
Clarify the number of NAF-specific keys stored in the UE per NAF‑Id |
6.2.0 |
6.3.0 |
SEC1-SC |
|
2005-03 |
SP-27 |
SP-040139 |
045 |
1 |
F |
Key derivation function: character encoding |
6.3.0 |
6.4.0 |
SEC1-SC |
|
2005-03 |
SP-27 |
SP-040139 |
047 |
1 |
D |
Bootstrapping timestamp |
6.3.0 |
6.4.0 |
SEC1-SC |
|
2005-03 |
SP-27 |
SP-040139 |
048 |
– |
F |
Storage of B-TID in GBA_U NAF Derivation procedure |
6.3.0 |
6.4.0 |
SEC1-SC |
|
2005-06 |
SP-28 |
SP-050262 |
050 |
1 |
F |
Usage of USS for local policy enforcement in BSF |
6.4.0 |
6.5.0 |
SEC1-SC |
|
2005-06 |
SP-28 |
SP-050262 |
051 |
1 |
F |
Correcting figure 4.4 |
6.4.0 |
6.5.0 |
SEC1-SC |
|
2005-06 |
SP-28 |
SP-050263 |
052 |
– |
B |
GBA User Security Settings (GUSS) transfer optimisation |
6.4.0 |
7.0.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050553 |
0054 |
– |
A |
Clarification of anonymous access to NAF in GBA |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050554 |
0056 |
– |
A |
Removing IMPI from USS |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050572 |
0057 |
– |
C |
Informative annex on usage of USS for local policy enforcement in BSF |
7.0.0 |
7.2.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050557 |
0059 |
– |
A |
Removing duplication of text relating to BSF addressing |
7.0.0 |
7.1.0 |
SEC-SC1 |
|
2005-09 |
SP-29 |
SP-050555 |
0061 |
– |
A |
Clarification of lifetime of derived keys |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050575 |
0062 |
– |
B |
Introduction of key selection mechanism |
7.0.0 |
7.2.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050556 |
0064 |
– |
A |
Addition of the Dz interface for multiple HSS deployments |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050565 |
0066 |
– |
A |
Removing requirement to send authentication vectors in batches |
7.0.0 |
7.1.0 |
GBA |
|
2005-09 |
SP-29 |
SP-050551 |
0068 |
– |
A |
Clarification concerning input parameter encoding for GBA_U NAF derivation procedure |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-09 |
SP-29 |
SP-050577 |
0069 |
1 |
B |
Normative annex on 2G GBA |
7.0.0 |
7.1.0 |
2G GBA |
|
2005-09 |
SP-29 |
SP-050552 |
0071 |
– |
A |
Providing Ua-security protocol based key separation |
7.0.0 |
7.1.0 |
SEC1-SC |
|
2005-10 |
post SP-29 |
– |
– |
– |
– |
Editorial change to align annexes between Release 6 and Release 7 based on CRs at SP-29 |
7.1.0 |
7.1.1 |
|
|
2005-12 |
SP-30 |
SP-050768 |
0073 |
– |
A |
NAF_Id encoding |
7.1.1 |
7.2.0 |
SEC1-SC |
|
2005-12 |
SP-30 |
SP-050775 |
0074 |
– |
B |
Informative annex with examples on interoperator GBA usage |
7.1.1 |
7.2.0 |
GAA2 |
|
2005-12 |
SP-30 |
SP-050775 |
0075 |
– |
F |
Clarification of local policy enforcement |
7.1.1 |
7.2.0 |
GAA2 |
|
2005-12 |
SP-30 |
SP-050777 |
0076 |
– |
F |
Alignment of 2G GBA with recent CRs |
7.1.1 |
7.2.0 |
2GGBA |
|
2005-12 |
SP-30 |
SP-050777 |
0077 |
– |
F |
Addition of information requested by SA plenary on 2G GBA |
7.1.1 |
7.2.0 |
2GGBA |
|
2005-12 |
SP-30 |
SP-050777 |
0078 |
– |
F |
IMPI obtained from IMSI in 2G GBA |
7.1.1 |
7.2.0 |
2GGBA |
|
2005-12 |
SP-30 |
SP-050775 |
0079 |
– |
F |
Removal of possible interoperability problems |
7.1.1 |
7.2.0 |
GAA2 |
|
2006-03 |
SP-31 |
SP-060061 |
0080 |
– |
B |
D-proxy renaming to Zn-Proxy |
7.2.0 |
7.3.0 |
SEC7-GAA2 (GAAExt) |
|
2006-03 |
SP-31 |
SP-060061 |
0082 |
– |
B |
Protection of Zn/Zn’ reference point for http based protocols |
7.2.0 |
7.3.0 |
SEC7-GAA2 (GAAExt) |
|
2006-03 |
SP-31 |
SP-060051 |
0084 |
– |
A |
Restricting the TLS CipherSuites in Annex E and cleanup of references |
7.2.0 |
7.3.0 |
SEC1-SC |
|
2006-03 |
SP-31 |
SP-060061 |
0085 |
– |
F |
Clarifications of requirement |
7.2.0 |
7.3.0 |
SEC7-2GGBA |
|
2006-03 |
SP-31 |
SP-060056 |
0087 |
– |
A |
GBA keys handling and UICC presence detection |
7.2.0 |
7.3.0 |
TEI |
|
2006-03 |
SP-31 |
SP-060049 |
0089 |
– |
A |
Clarify the confusion of the useof NAF-ID and FQDN |
7.2.0 |
7.3.0 |
(SEC1) (GAAext) |
|
2006-03 |
SP-31 |
SP-060061 |
0090 |
– |
F |
key derivation clarifications |
7.2.0 |
7.3.0 |
SEC7-GAA2 (GAAExt) |
|
2006-03 |
SP-31 |
SP-060061 |
0091 |
– |
F |
Use of SIM for a Ua application |
7.2.0 |
7.3.0 |
SEC7-GAA2 (GAAExt) |
|
2006-06 |
SP-32 |
SP-060424 |
0093 |
1 |
F |
UICC removal |
7.3.0 |
7.4.0 |
TEI |
|
2006-06 |
SP-32 |
SP-060380 |
0095 |
– |
A |
Minimum lifetime of Keys |
7.3.0 |
7.4.0 |
TEI7 |
|
2006-09 |
SP-33 |
SP-060500 |
0096 |
– |
F |
Clarification of notes |
7.4.0 |
7.5.0 |
SEC7 |
|
2006-09 |
SP-33 |
SP-060500 |
0097 |
– |
F |
Corrections of some incorrect reference |
7.4.0 |
7.5.0 |
GAA2 |
|
2006-09 |
SP-33 |
SP-060493 |
0099 |
– |
A |
Sending FQDN over Zn |
7.4.0 |
7.5.0 |
SEC1-SC |
|
2006-09 |
SP-33 |
SP-060496 |
0101 |
– |
A |
Correction to the UICC selection procedure in GBA |
7.4.0 |
7.5.0 |
TEI6 |
|
2006-12 |
SP-34 |
SP-060810 |
0103 |
1 |
F |
Addition of note on out-of-order case for BSF |
7.5.0 |
7.6.0 |
GAA2 (GAAExt) |
|
2006-12 |
SP-34 |
SP-060810 |
0104 |
1 |
F |
Using pseudonyms over Zn to ensure service continuity |
7.5.0 |
7.6.0 |
GAA2 (GAAExt) |
|
2006-12 |
SP-34 |
SP-060810 |
0105 |
1 |
C |
UICC application selection for service continuity |
7.5.0 |
7.6.0 |
GAA2 (GAAExt) |
|
2006-12 |
SP-34 |
SP-060810 |
0106 |
1 |
F |
Two NAF applications having the same NAF keys |
7.5.0 |
7.6.0 |
GAA2 (GAAExt) |
|
2006-12 |
SP-34 |
SP-060801 |
0110 |
1 |
F |
Correction of Requirements on GBA keys |
7.5.0 |
7.6.0 |
SEC7-GAA2 |
|
2006-12 |
SP-34 |
SP-060811 |
0111 |
– |
C |
Suppression of NAF Group attribute within USS on Zn and Zn’ interfaces |
7.5.0 |
7.6.0 |
SEC7-GAA2 |
|
2006-12 |
SP-34 |
SP-060809 |
0112 |
1 |
F |
Addition of text regarding the use of the NDS authentication framework |
7.5.0 |
7.6.0 |
NDSAFTLS |
|
2007-03 |
SP-35 |
SP-070160 |
0113 |
1 |
F |
Key deletion method for applications |
7.6.0 |
7.7.0 |
SEC7-GAA2 |
|
2007-03 |
SP-35 |
SP-070160 |
0114 |
2 |
F |
Encode problems in HTTP digest AKA authentication between UE and BSF |
7.6.0 |
7.7.0 |
GAA2 |
|
2007-03 |
SP-35 |
SP-070160 |
0116 |
1 |
F |
GBA key names clarification |
7.6.0 |
7.7.0 |
SEC7-GAA2 |
|
2007-03 |
SP-35 |
SP-070160 |
0118 |
– |
D |
Correction of Note in Annex H |
7.6.0 |
7.7.0 |
SEC7-GAA2 |
|
2007-03 |
SP-35 |
SP-070146 |
0120 |
1 |
A |
Clarification on NAF_Id coding |
7.6.0 |
7.7.0 |
TEI6 |
|
2007-03 |
SP-35 |
SP-070147 |
0122 |
– |
A |
Clarification of mapping of GUSS to IMPIs and IMSIs |
7.6.0 |
7.7.0 |
SEC7-GAA2 |
|
2007-06 |
SP-36 |
SP-070338 |
0123 |
1 |
B |
Details of HLR – BSF reference point |
7.7.0 |
7.8.0 |
GAAExt |
|
2007-06 |
SP-36 |
SP-070327 |
0124 |
– |
F |
Clarifying the terms 2G and 3G for GBA |
7.7.0 |
7.8.0 |
2G_GBA |
|
2007-06 |
SP-36 |
SP-070327 |
0126 |
1 |
A |
GBA NAF Keys storage policy in the UICC |
7.7.0 |
7.8.0 |
SEC1-SC |
|
2007-06 |
SP-36 |
SP-070340 |
0108 |
3 |
B |
Introduction of temporary identifier for bootstrapping procedure |
7.8.0 |
8.0.0 |
TEI8 |
|
2007-09 |
SP-37 |
SP-070594 |
0128 |
4 |
A |
Correction to HLR – BSF reference point |
8.0.0 |
8.1.0 |
SEC7-GAA2 |
|
2007-12 |
SP-38 |
SP-070792 |
0129 |
1 |
D |
Addition of information for developers on B-TID uniquenss |
8.1.0 |
8.2.0 |
TEI8 |
|
2007-12 |
SP-38 |
SP-070785 |
0132 |
1 |
A |
2G GBA Certificate Management |
8.1.0 |
8.2.0 |
TEI8 |
|
2007-12 |
SP-38 |
SP-070787 |
0134 |
1 |
A |
Usage of OMA References – Update of Reference |
8.1.0 |
8.2.0 |
TEI8 |
|
2008-03 |
SP-39 |
SP-080141 |
0138 |
1 |
A |
Simultaneous handling of Zh’ and Zh in a BSF |
8.2.0 |
8.3.0 |
SEC7-GAA2 |
|
2008-03 |
SP-39 |
SP-080143 |
0136 |
– |
F |
Move Manual TLS certificate handling |
8.2.0 |
8.3.0 |
TEI8 |
|
2008-09 |
SP-41 |
SP-080143 |
0139 |
1 |
F |
Zh and Zh’ intra-operator domain reference points |
8.3.0 |
8.4.0 |
TEI8 |
|
2008-12 |
SP-42 |
SP-080744 |
0140 |
– |
F |
Add FC number space value allocations and clarification on length parameter |
8.4.0 |
8.5.0 |
TEI8 |
|
2008-12 |
SP-42 |
SP-080744 |
0141 |
– |
F |
Using Unicode Standard Normalization Form when encoding using UTF-8 |
8.4.0 |
8.5.0 |
TEI8 |
|
2009-03 |
SP-43 |
SP-090137 |
0142 |
– |
F |
Add FC number space value allocations for HSPA SRVCC |
8.5.0 |
8.6.0 |
TEI8 |
|
2009-06 |
SP-44 |
SP-090420 |
0142 |
1 |
F |
Ua security protocol identifiers for IMS based MBMS |
8.6.0 |
8.7.0 |
TEI8 |
|
2009-06 |
SP-44 |
SP-090420 |
0143 |
1 |
F |
Clarify sending of MSISDN in Zn |
8.6.0 |
8.7.0 |
TEI8 |
|
2009-06 |
SP-44 |
SP-090276 |
0142 |
– |
C |
Modification of References |
8.7.0 |
9.0.0 |
TEI9 |
|
2009-06 |
SP-44 |
SP-090276 |
0144 |
1 |
B |
GBA DIAMETER based Zn reference point to support TLS |
8.7.0 |
9.0.0 |
TEI9 |
|
2009-09 |
SP-45 |
SP-090524 |
0143 |
– |
F |
FC value allocation for GPL |
9.0.0 |
9.1.0 |
eGBAPush |
|
2009-09 |
SP-45 |
SP-090524 |
0145 |
– |
C |
Introducing Ua security protocol Id for GPL |
9.0.0 |
9.1.0 |
eGBAPush |
|
2009-12 |
SP-46 |
SP-090820 |
0146 |
– |
A |
KDF clarification |
9.1.0 |
9.2.0 |
eGBAPush |
|
2009-12 |
SP-46 |
SP-090822 |
0148 |
– |
F |
Ua security protocol identifier for IMS media plane security |
9.1.0 |
9.2.0 |
MEDIASEC |
|
2010-06 |
SP-48 |
SP-100361 |
0149 |
1 |
F |
Deprecation of SHA-1 |
9.2.0 |
9.3.0 |
TEI9 |
|
2010-10 |
SP-49 |
SP-100482 |
0150 |
1 |
C |
Unification of TLS and certificate references in TS 33.220 with TS 33.310 |
9.3.0 |
10.0.0 |
TEI10 |
|
2011-09 |
SP-53 |
SP-110563 |
0151 |
– |
F |
Reintroduction of lost reference |
10.0.0 |
11.0.0 |
Sec11 |
|
2011-12 |
SP-54 |
SP-110848 |
0153 |
1 |
F |
Correction of Allowed TLS Ciphersuite Identifiers in Annex H.3 |
11.0.0 |
11.1.0 |
Sec11 |
|
2012-03 |
SP-55 |
SP-120033 |
0156 |
3 |
B |
SIP Digest-based GBA scope and terminology updates |
11.1.0 |
11.2.0 |
GBA-ext |
|
0159 |
2 |
B |
GBA extension for re-use of SIP Digest credentials |
||||||
|
SP-120039 |
0157 |
– |
F |
Update of TLS extensions version |
Sec11 |
||||
|
0158 |
– |
F |
Correction of BSF and bootstrapping requirements in 2G GBA |
||||||
|
0160 |
1 |
D |
GBA terminology issues |
||||||
|
SP-120037 |
0164 |
– |
A |
Correction of misimplementation of Change Requests on KDF FC value allocations |
TEI8 |
||||
|
2012-06 |
SP-56 |
SP-120340 |
0165 |
2 |
F |
Introduction of auth-int in GBA_Digest |
11.2.0 |
11.3.0 |
GBA-ext |
|
2012-06 |
SP-56 |
SP-120341 |
0166 |
– |
F |
Correction of TLS Extensions References to point toTS 33.310 |
11.2.0 |
11.3.0 |
SEC11 |
|
2012-06 |
SP-56 |
SP-120341 |
0167 |
– |
F |
Correction of phrase describing Zn procedure |
11.2.0 |
11.3.0 |
SEC11 |
|
2012-06 |
SP-56 |
SP-120340 |
0168 |
– |
F |
NAF specific key derivation in GBA_Digest |
11.2.0 |
11.3.0 |
GBA-ext |
|
2012-06 |
SP-56 |
SP-120340 |
0169 |
– |
F |
TMPI (temporary identity) support in GBA_Digest |
11.2.0 |
11.3.0 |
GBA-ext |
|
2012-09 |
SP-57 |
SP-120605 |
0170 |
1 |
F |
Correction of description of “Bootstrapping Initiation” |
11.3.0 |
11.4.0 |
SEC11 |
|
2013-03 |
SP-59 |
SP-130036 |
0171 |
1 |
F |
Correction of references for GBA |
11.4.0 |
12.0.0 |
SEC12, GBA-ext |
|
2013-06 |
SP-60 |
SP-130249 |
0172 |
1 |
F |
Ua security protocol identifier |
12.0.0 |
12.1.0 |
Web_GBA |
|
SP-130255 |
0173 |
– |
A |
Removal of editor’s note Release 12 – 33.220 |
FS_SSO_APS |
||||
|
SP-130258 |
0175 |
1 |
F |
Mandating encryption in the TLS profile for 2G GBA |
TEI12, SEC7-2GGBA |
||||
|
SP-130258 |
0176 |
1 |
F |
Removal of realm check in 2G GBA |
TEI12, SEC7-2GGBA |
||||
|
SP-130258 |
0177 |
2 |
F |
Correction of 2G GBA |
TEI12, SEC7-2GGBA |
||||
|
2012-12 |
SP-62 |
SP-130667 |
0178 |
– |
F |
Checking that GBA types over Ua and Zn match |
12.1.0 |
12.2.0 |
TEI12, GBA-ext |
|
2014-06 |
SP-64 |
SP-140315 |
0180 |
1 |
C |
Adding FC value for ProSe specification |
12.2.0 |
12.3.0 |
ProSe |
|
2016-01 |
SP-70 |
Upgrade to Rel-13 (MCC) |
12.3.0 |
13.0.0 |
|||||
|
Change history |
|||||||
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2016-06 |
SA#72 |
SP-160387 |
0184 |
1 |
F |
Changes to the allocation of FC values |
13.1.0 |
|
2016-12 |
SA#74 |
SP-160788 |
0186 |
1 |
C |
3GPP security profile update – 33.220 |
14.0.0 |
|
2017-06 |
SA#76 |
SP-170426 |
0188 |
– |
A |
Introduction of a new value range for the input value FC for the key derivation function (KDF) for use in TS 33.203 |
14.1.0 |
|
2017-06 |
SA#76 |
SP-170433 |
0185 |
4 |
B |
Allocation of FC values for BEST |
15.0.0 |
|
2018-01 |
SA#78 |
SP-170873 |
0189 |
1 |
F |
Assigning an FC value for EDCE5 key derivations |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0190 |
1 |
F |
Assigning FC values to TS 33.501 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180702 |
0194 |
– |
A |
[MCSec] 33220 R15 FC values for MCData (mirror) |
15.3.0 |
|
2018-09 |
SA#81 |
SP-180704 |
0195 |
1 |
F |
FC value in TS 33.220 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0197 |
– |
F |
Assigning additional FC values to TS 33.501 |
15.4.0 |
|
2019-09 |
SA#85 |
SP-190682 |
0198 |
1 |
B |
Assigning a FC value to TS 33.501 for KASME_SRVCC calculation |
16.0.0 |
|
2020-07 |
SA#88E |
SP-200364 |
0199 |
1 |
C |
Allocation of FC values for TS 33.356 |
16.1.0 |
|
2020-09 |
SA#89E |
SP-200701 |
0203 |
1 |
F |
Assigning FC values for IAB and AKMA TS |
16.2.0 |
|
2020-12 |
SA#90E |
SP-201007 |
0205 |
1 |
F |
Removal of AKMA related changes to TS 33.220 in Rel-16 |
16.3.0 |
|
2020-12 |
SA#90E |
SP-201006 |
0206 |
1 |
B |
CR for AKMA changes to TS 33.220 in Rel-17 |
17.0.0 |
|
2020-12 |
SA#90E |
SP-201008 |
0207 |
1 |
B |
SHA-1 deprecation in GBA |
17.0.0 |
|
2021-06 |
SA#92e |
SP-210435 |
0209 |
1 |
A |
FC Value Change because of KTIPSec and KTNAP Derivation in R17 |
17.1.0 |
|
2021-06 |
SA#92e |
SP-210437 |
0211 |
– |
B |
Security updates for algorithms and protocols in 33.220 |
17.1.0 |
|
2021-12 |
SA#94e |
SP-211391 |
0214 |
– |
B |
SBA support for the Zh and Zn interfaces |
17.2.0 |
|
2022-06 |
SA#96 |
SP-220553 |
0215 |
1 |
F |
Adding a new Ua security protocol identifier for TLS 1.3 |
17.3.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0219 |
1 |
F |
Allocate FC Value for 33.503 |
17.4.0 |