Tdoc List

2018-08-27 15:16

TDoc Title Source Type For Agenda Avail Treated Decision Wdrn Replaced-by Replaces
S3‑182100 Agenda WG Chairman agenda  
2Approval of Agenda and Meeting Objectives
Yes
Yes
approved No    
S3‑182101 Report from last SA3 meeting/s MCC report  
4.1Approval of the report from previous SA3 meeting(s)
Yes
Yes
withdrawn Yes    
S3‑182102 SA3 Work Plan MCC Work Plan  
9.1Review of work plan
Yes
Yes
noted No    
S3‑182103 Report from last SA meeting WG Chairman report  
4.2Report from SA Plenary
Yes
Yes
noted No    
S3‑182104 SA3 meeting calendar MCC other  
10Future Meeting Dates and Venues
Yes
Yes
revised No S3‑182698  
S3‑182105 Work Plan input from Rapporteurs MCC other  
9.2Rapporteur input on status of WID or SID
Yes
Yes
revised No S3‑182699  
S3‑182106 TCG progress report InterDigital, Inc. report Information
6.6TCG
Yes
Yes1. TCG – Highlights • New/modified work working group CyRes – Cyber Resistance WG. This workgroup intends to develop new technologies, promote existing best-practices, and coordinate efforts in other groups inside and outside TCG, to improve the cyber-resiliency of future platforms. The CyRes WG will focus on: 1. Protection for code and configuration information that determine the platform capabilities. 2. Detection mechanisms for malware and deprecated or corrupted configuration data or code. 3. Recovery capabilities that can reliably patch both code and configuration in a selected device, and hence recover the device. • Publication of new or revised deliverables (incremental changes from the status reported at SA3#91) o TCG TMS Use Cases v2 – delayed due to GDPR compliance review, to be published September 2018 o TCG SNMP MIB for TPM-based Attestation – public review July 2018 o TCG PC Client Platform Firmware Profile – public review July 2018 o TCG Storage Interface Interactions (SIIS) – public review May 2018 o TCG SNMP MIB for TPM-based Attestation – public review May 2018 o TCG Device Identifier Composition Engine – published March 2018 2. Meetings TCG Members Meeting in Lisbon, PT – 15-18 October 2018 TCG Members Meeting in TBD location – February 2019 MPWG meets every Thursday at 10-11 ET TMS WG meets every Monday and Friday at 12-13 ET CyRes WG meets every Wednesday at 11-12:30 ET
noted No    
S3‑182107 [MCSec] 33180 R14. Examples of MC service ID shall be URI Airbus DS SLC CR  
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
revised No S3‑182543  
S3‑182108 [MCSec] 33180 R15. Examples of MC service ID shall be URI Airbus DS SLC CR  
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
revised No S3‑182544  
S3‑182109 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182110 [MCSec] 33180 R14. Clarification for MIKEY-SAKKE values Airbus DS SLC CR  
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
YesAlex (BT) commented that adding changes to editor's notes was not a valid procedure for a frozen spec, it was better to wait.
revised No S3‑182545  
S3‑182111 [MCSec] 33180 R15. Clarification for MIKEY-SAKKE values Airbus DS SLC CR  
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
revised No S3‑182546  
S3‑182112 [MCSec] 33180 R15. Clarification for MIKEY-SAKKE values Airbus DS SLC CR  
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
No
Yes
withdrawn Yes    
S3‑182113 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182114 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182115 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182116 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182117 New KI proposal for TR 33.861 on CIoT security InterDigital, Inc. pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182118 Use of SCEF anchored non-IP PDN Connections with BEST Convida Wireless, InterDigital, Inc. discussion Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑182119 Adding BEST Support for non-IP PDN Connections that Terminate at the SCEF Convida Wireless, InterDigital, Inc. CR Approval
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
revised No S3‑182626  
S3‑182120 [Draft] LS on Specification of the EAS-C/U interfaces for BEST Convida Wireless, InterDigital, Inc. LS out Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
revised No S3‑182674  
S3‑182121 Question on 5G network slices GSMA SIM LS in  
6.4GSMA
Yes
Yes
replied to No    
S3‑182122 Reply LS on GSMA question on 5G network slices S2-187599 LS in  
6.4GSMA
Yes
Yes
noted No    
S3‑182123 LS Out for 5G slices roaming S3i180376 LS in  
6.4GSMA
Yes
Yes
noted No    
S3‑182124 Statement on urgency of alignment of ETSI SSP with 3GPP release 15 GSMA LS in  
6.4GSMA
Yes
Yes
noted No    
S3‑182125 Reply LS on initial NAS message protection C1-183727 LS in  
7.1.15Incoming and outgoing Lses
Yes
YesThis LS was already replied in the previous meeting.
withdrawn Yes    
S3‑182126 Reply LS on initial NAS message protection S2-187505 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182127 LS on [Temporary group call – user regroup] and [Temporary group – broadcast group call] C1-184907 LS in  
7.3eMCSec R16 security (MCXSec) (Rel-16)
Yes
Yes
noted No    
S3‑182128 Provision of ngKSI to UE at EAP-Request/AKA'-Challenge C1-184942 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182129 Reply LS on AUSF/UDM instance selection and SUCI parameters C4-184576 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182130 Response to “Reply LS on AUSF/UDM instance selection and SUCI parameters” C6-180361 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182131 Reply LS to “LS on AUSF/UDM instance selection and SUCI parameters” S2-186257 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182132 LS OUT on TLS and inter PLMN routing C4-184612 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182133 LS OUT on TLS and inter PLMN routing C4-185493 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182134 LS on Nausf_SoRProtection service C4-185319 LS in  
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
noted No    
S3‑182135 Reply LS on avoiding race condition in 5G AKA C4-185320 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182136 LS OUT on OAuth 2.0 C4-185505 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182137 Reply LS on SoR mechanism C6-180295 LS in  
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
noted No    
S3‑182138 Reply-LS on new work item "X.5Gsec-q" ETSI TC CYBER LS in  
6.8TC-CYBER
Yes
YesColin (BT): if they mention 5G we shouldn't duplicate work that is being done in 3GPP as well.
replied to No    
S3‑182139 LSout to various organisations on usage of NFV Specifications ETSI ISG NFV LS in  
6.9ETSI NFV security
Yes
Yes
noted No    
S3‑182140 Reply LS to RAN2 on Bluetooth/WLAN measurement collection in MDT S5-183626 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑182141 Reply LS on Bluetooth/WLAN measurement collection in MDT R2-1808793 LS in  
6.13GPP Working Groups
Yes
YesChina Mobile had a contribution related to this: tdoc 450.
replied to No    
S3‑182142 Security related agreements on Early Data Transmission R2-1808869 LS in  
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
noted No    
S3‑182143 Reply LS on Security aspects of supporting LTE connected to 5GC R2-1809162 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182144 LS on inactive security R2-1809177 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182145 LS on UE identity for PO calculation R2-1810941 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182146 LS on security requirements for RRC connection release R2-1810960 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182147 LS on connection re-establishment security R2-1810965 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182148 LS on EDT procedures and AS NAS interaction (R2-1712077) R3-183574 LS in  
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
noted No    
S3‑182149 Reply LS on new BEST Service S2-187226 LS in  
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑182150 LS on security handling when deploying UDSF S2-187506 LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
replied to No    
S3‑182151 Reply LS on clarification on Restricted Operator Services S2-181407 LS in  
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
postponed No    
S3‑182152 LS on devices behind 5G-RG accessing the 5GC S3i180377 LS in  
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
postponed No    
S3‑182153 Reply LS on CAPIF4xMB S6-180727 LS in  
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
replied to No    
S3‑182154 Reply LS on CAPIF4xMB S6-180944 LS in  
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑182155 Reply LS to “5G for Industrial Communication” SP-180608 LS in  
6.10Other Groups
Yes
Yes
noted No    
S3‑182156 LS on Guidance on Way Forward for Steering of Roaming SP-180621 LS in  
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
noted No    
S3‑182157 UE capability related to integrity protection of DRBs R2-1804056 LS in  
7.1.15Incoming and outgoing Lses
Yes
YesThis LS was treated already in the previous meeting.
withdrawn Yes    
S3‑182158 New KI proposal for TR 33.807 on security of the Wireless and Wireline Convergence for the 5G system architecture InterDigital, Inc. pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182159 LS/r on revised Recommendation ITU-T Q.850 (reply to 3GPP TSG SA3 - C3-183507) ITU-T SG11 LS in  
6.10Other Groups
Yes
YesThis LS was intended for CT3.
noted No    
S3‑182160 Reply LS on temporary group regroup procedures S6-181287 LS in  
7.3eMCSec R16 security (MCXSec) (Rel-16)
Yes
Yes
noted No    
S3‑182161 LS on use of ITS dedicated spectrum within V2X UE S6-181288 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑182162 Reply LS on CAPIF specification work in SA3 S6-181290 LS in  
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑182163 LS on application layer support for V2X services S6-181291 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑182164 Protection of the N4 Interface Juniper Networks, Deutsche Telecom AG CR  
7.1.12NDS
Yes
YesEricsson: Do we need to specify separately the security for every core network/RAN interface? We should do it in a more generic way. ORANGE: this is in line with what SA2 is doing. It was agreed to create a new CR to do such generalization.
not pursued No    
S3‑182165 Protection of the N9 Interface Juniper Networks, Deutsche Telecom AG CR  
7.1.12NDS
Yes
Yes
not pursued No    
S3‑182166 Discussion on the Scope and Future Use of the NDS IP and AF Specifications Juniper Networks discussion  
7.4.3Network Domain Security (NDS)
Yes
Yes
noted No    
S3‑182167 Update NDS/IP scope with application layer crypto profiles Juniper Networks CR  
7.4.3Network Domain Security (NDS)
Yes
Yes
revised No S3‑182606  
S3‑182168 Update NDS/IP scope with application layer crypto profiles Juniper Networks CR  
7.4.3Network Domain Security (NDS)
Yes
Yes
not pursued No    
S3‑182169 Clarify NDS/AF intro regarding crypto profiles Juniper Networks CR  
7.4.3Network Domain Security (NDS)
Yes
Yes
revised No S3‑182608  
S3‑182170 Clarify NDS/AF intro regarding crypto profiles Juniper Networks CR  
7.4.3Network Domain Security (NDS)
Yes
Yes
noted No    
S3‑182171 Clause 5.2.5 - Modification on subscriber privacy ZTE Corporation CR Approval
7.1.14Privacy
Yes
YesIDEMIA: we cannot mandate proprietary schemes to be stored in the USIM. Ericsson agreed. Gemalto: the routing information should be listed as well.
revised No S3‑182635  
S3‑182172 Clause 5.8.2 - Modification on requirement on UDM storing key pair identifier ZTE Corporation CR Approval
7.1.14Privacy
Yes
Yes
not pursued No    
S3‑182173 Clause 5.9.3.3 - Modification on integrity requirement on N32 ZTE Corporation CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesDT didn’t agree with this change; it is not modified inline.NCSC agreed.
not pursued No    
S3‑182174 Clause 6.1.2 - Modification on figure of initiation of authentication ZTE Corporation CR Approval
7.1.8Primary authentication
Yes
YesEricsson didn’t see the need to have a split in the fgure.
not pursued No    
S3‑182175 Clause 6.3.1 - Modification on security context handling ZTE Corporation CR Approval
7.1.6Security context
Yes
Yes
merged No S3‑182540  
S3‑182176 Discussion on AMF sending NAS SMC over both access types ZTE Corporation discussion Endorsement
7.1.5NAS security
Yes
Yes
noted No    
S3‑182177 Clause 6.4.2.2 - Clarification on AMF sending NAS SMC over both access types ZTE Corporation CR Approval
7.1.5NAS security
Yes
Yes
not pursued No    
S3‑182178 Clause 6.4.5 - Editorial modification on NAS COUNT handling ZTE Corporation CR Approval
7.1.5NAS security
Yes
Yes
agreed No    
S3‑182179 Clause 6.6.1 - Modification on UP security policy ZTE Corporation CR Approval
7.1.4AS security
Yes
Yes
merged No S3‑182644  
S3‑182180 Clause 6.6.2 - Modification on UP security activation mechanism ZTE Corporation CR Approval
7.1.4AS security
Yes
YesHuawei supported this change. Nokia had some reservations since they considered it a rare case.They dropped their objection since everybody else could live with the change.
revised No S3‑182645  
S3‑182181 Clause 6.7.3.2 - Modification on algorithm selection during N2 handover ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
revised No S3‑182584  
S3‑182182 Clause 6.7.3.5 - Correct reference for RNA update procedure ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
agreed No    
S3‑182183 Clause 6.8.2.1.3 - Modification on State transition from RRC-INACTIVE to RRC-CONNECTED ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
not pursued No    
S3‑182184 Clause 6.9.2 - Modification on security handling during handover ZTE Corporation CR Approval
7.1.3Mobility
Yes
YesEricsson: Note1 in 6.2.9.3.3 is important to be kept here, not removed as proposed by ZTE. Docomo: if it's important it should be normative and not an informative note.
revised No S3‑182585  
S3‑182185 Clause 6.9.2.1.2, 6.9.2.2 - Editorial modification on NAS during handover ZTE Corporation CR Approval
7.1.3Mobility
Yes
YesEricsson commented that removing 6.9.2.2 was not possible since it is a stand alone procedure.They didn’t agree with the other changes either, since they were removing details that were important.
not pursued No    
S3‑182186 Clause 6.9.3 - Editorial modification on mobile registration update – AMF handling ZTE Corporation CR Approval
7.1.3Mobility
Yes
YesEricsson: leave out any aspect on Multi NAS until we have finished discussions.
merged No S3‑182636  
S3‑182187 Discussion on mobile registration update ZTE Corporation discussion Endorsement
7.1.3Mobility
Yes
YesNokia didn’t see a problem. The agreements in Belgrade were enough for them. Ericsson (tdoc 419) and Qualcomm (tdoc 482) agreed on the existence of an issue and they had contributions with possible solutions.
noted No    
S3‑182188 Clause 6.9.3 - Add multi-NAS connections consideration for mobile registration update – AMF handling ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
not pursued No    
S3‑182189 Clause 6.9.3, 6.3.2.2 - Modification on mobile registration update – UE handling ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
not pursued No    
S3‑182190 Discussion on key change indication on N14 (AMF-AMF) ZTE Corporation discussion Endorsement
7.1.3Mobility
Yes
YesEricsson: AKSI is the wrong terminology. They didn't agree with the proposals as it has fundamental errors.
noted No    
S3‑182191 Clause 6.9.2.3.3 - Correct indication on N14 during N2 HO ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
merged No S3‑182585  
S3‑182192 Clause 6.9.3 - Add description for mobile registration update when NAS SMC has been performed – AMF handling ZTE Corporation CR Approval
7.1.5NAS security
Yes
Yes
not pursued No    
S3‑182193 Clause 6.9.5.1 - Add rule for concurrent running of security procedures ZTE Corporation CR Approval
7.1.5NAS security
Yes
YesEricsson: rule three is not needed.It was agreed to be removed. There was an overlap with rule 6 with the contribution 478 from Qualcomm. It was agreed to integrate it here.
revised No S3‑182655  
S3‑182194 Clause 6.9.5.2 - Modify rule for concurrent running of security procedures ZTE Corporation CR Approval
7.1.5NAS security
Yes
YesOverlap with 410 and 479, that simply remove bullet 4.
revised No S3‑182656  
S3‑182195 Discussion on RRC Reestablishment security ZTE Corporation discussion Endorsement
7.1.4AS security
Yes
Yes
noted No    
S3‑182196 Report from last SA3 meeting/s MCC report  
4.1Approval of the report from previous SA3 meeting(s)
Yes
YesNCSC's action item stays open.
approved No    
S3‑182197 Removal of JWE/JWS profile from 33.501 Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesMCC warned about renaming clauses and moving content around. The clauses should be voided and the new content added to a new clause.
merged No S3‑182550  
S3‑182198 JWE and JWS profiles Ericsson CR Agreement
7.4.3Network Domain Security (NDS)
Yes
Yes
merged No S3‑182606  
S3‑182199 CR to clarify username in Annex C Nokia,Nokia Shanghai Bell CR Approval
7.1.2Key derivation
Yes
Yes
revised No S3‑182583  
S3‑182200 Deletion of Requester ID from ‘Nausf_UEAuthentication_authenticate’ Nokia,Nokia Shanghai Bell CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No    
S3‑182201 CR to Clause 6.9.3 Removal of KSEAF storage restriction Nokia, Verizon, TMO-USA,Nokia Shanghai Bell CR Approval
7.1.3Mobility
Yes
Yes
revised No S3‑182548  
S3‑182202 CR for Addition of security requirements for external storage Nokia, Nokia Shanghai bell, Verizon, TMO-USA CR  
7.1.3Mobility
Yes
YesDocomo: relying on an unespecified interface is a bit messy.Replace with a "shall" and reword to make the requirement clearer. This clause was controversial and Nokia preferred to withdraw it. Docomo wanted to at least approve a few sentences and work from there from the next meeting. Docomo proposed to postpone the decision to the next meeting, bringing the same CR for discussion. MCC clarified that if postponed, no revisions of the content would be possible.
revised No S3‑182549  
S3‑182203 Clause 6.9.3 typo corrections Nokia, Nokia shanghai Bell CR Approval
7.1.3Mobility
Yes
Yes
merged No S3‑182636  
S3‑182204 Make DTLS optional on F1, E1, N2, Xn interfaces Nokia, Nokia Shanghai Bell, Huawei, HiSilicon CR Approval
7.1.4AS security
Yes
YesBT: This is making IPSec optional as well in 9.8.3. Ericsson didn't agree with making it optional.Huawei supported Ericsson. ORANGE: we had long discussions to make this mandatory. No point to reverse this. Huawei: there are technical arguments behind this. Docomo: A "may" be supported complicates inter operability for operators. Ericsson: DTLS is for the protection of the applications that are using SCTP. This is what is stated in the RFC.
not pursued No    
S3‑182205 CR to delete ENs in clause 5.3 gNB Requirements Nokia, Nokia Shanghai Bell CR Approval
7.1.4AS security
Yes
Yes
revised No S3‑182651  
S3‑182206 CR to align NAS Connection value and access type Nokia, Nokia Shanghai Bell CR Approval
7.1.5NAS security
Yes
Yes
agreed No    
S3‑182207 Correct confidentiality key in confidentiality clause. Nokia, Nokia Shanghai Bell CR Approval
7.1.5NAS security
Yes
Yes
agreed No    
S3‑182208 Delete EN in Annex D for parameters Nokia, Nokia Shanghai bell CR Approval
7.1.5NAS security
Yes
Yes
agreed No    
S3‑182209 Define and clarify ABBA parameter Nokia, Nokia Shanghai Bell CR Approval
7.1.5NAS security
Yes
Yes
revised No S3‑182653  
S3‑182210 Key issue avoiding AS encryption for application security enabled UE Nokia, Nokia Shanghai Bell pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182211 Key issue providing temperory security for PARLOS PDU session Nokia, Nokia Shanghai bell pCR Approval
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182212 SID on Enhanced network Slicing Nokia, Nokia Shanghai Bell,NEC, Huawei, HiSilicon,Motorola Mobility, Lenovo SID new Approval
8.10New study item proposals
Yes
YesHuawei: less about network slicing than it is stated. ZTE: network slice security belongs to phase two. The Chair commented that this was coming from an agreement from last meeting. China Mobile: we need to clarify the authentication in the network slice context. We have a discussion paper about this in 449. From this document it was preffered to go for cat 3. ORANGE commented that SA2 had ths in their study. Ericsson: the last bullet is a bit out of scope of this SID, it should belong to another SID. Vodafone agreed. Qualcomm: inter-slice security isolation? Where is this defined?ORANGE and Gemalto wanted to keep this bullet. Huawei: add privacy issues. ORANGE: privacy is in our terms of reference. We always take it into account. Interidigital: all security issues are part of the ToR.
revised No S3‑182665  
S3‑182213 Delete EN in Clause 10.2.1 Authenticated IMS Emergency Sessions Nokia, Nokia Shanghai Bell CR Approval
7.1.5NAS security
Yes
Yes
agreed No    
S3‑182214 Discussion paper on S3-182150 KSEAF storage in UDSF Nokia, Nokia Shanghai Bell discussion Endorsement
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182215 draft_Reply LS to S3-182150 security handling when deploying UDSF Nokia,Nokia Shanghai Bell LS out  
7.1.15Incoming and outgoing Lses
Yes
Yes
revised No S3‑182547  
S3‑182216 [CAPIF_Sec] 33122 R15 access token profile Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182620  
S3‑182217 [CAPIF-Sec] 33122 R15 FC values for CAPIF Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑182218 [CAPIF-Sec] 33122 correct note in clause 6.5.2.1 Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182622  
S3‑182219 [CAPIF-Sec] 33220 R15 FC values for CAPIF Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑182220 [MCPTT] 33179 R13 Fix XML schema Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182221 [MCSec] 33180 R14 Fix XML schema Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182222 [MCPTT] 33180 R15 Fix XML schema (mirror) Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
revised No S3‑182601  
S3‑182223 [MCSec] 33180 R14 FC values for MCData Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182224 [MCSec] 33180 R15 FC values for MCData (mirror) Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182225 [MCSec] 33180 R15 registered media type Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182226 [MCSec] 33220 R14 FC values for MCData Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182227 [MCSec] 33220 R15 FC values for MCData (mirror) Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182228 Clause 6.12.2-Adding Routing Indicator in SUCI CATT, Ericsson , Vodafone, Huawei, NEC, China Mobile, Nokia, Nokia Shanghai Bell Labs, IDEMIA CR Agreement
7.1.14Privacy
Yes
Yes
revised No S3‑182513  
S3‑182229 Clarification on UP security policy verification CATT CR Agreement
7.1.4AS security
Yes
Yes
merged No S3‑182644  
S3‑182230 Clarifications on AS key update for non-3GPP access CATT CR Agreement
7.1.11non-3GPP access
Yes
YesQualcomm: we don’t want to do reauthentication in this scenario, no security reasons.
not pursued No    
S3‑182231 Clarifications on handover handling for Dual Connectivity CATT CR Agreement
7.1.4AS security
Yes
YesDefinition part will go into S3-182648.The rest goes to 649.
merged No S3‑182649  
S3‑182232 Clarifications on the key lifetime for non-3GPP access CATT CR Agreement
7.1.11non-3GPP access
Yes
YesNokia,Qualcomm: the new text is confusing.
not pursued No    
S3‑182233 Reference corrections in clause 6.10 CATT CR Agreement
7.1.4AS security
Yes
Yes
agreed No    
S3‑182234 Resolving Editor’s Notes for requirements on the gNB CATT CR Agreement
7.1.4AS security
Yes
Yes
merged No S3‑182651  
S3‑182235 Key issue proposal for FS_CIoT_sec_5G NEC Corporation pCR Agreement
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182236 Removal of comment texts NEC Corporation CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
not pursued No    
S3‑182237 Algorithm Negotiation for Unauthenticated UEs in LSM Huawei, HiSilicon, China Mobile CR Approval
7.1.4AS security
Yes
Yes
revised No S3‑182646  
S3‑182238 Update Key handling at RRC-INACTIVE state transitions Huawei, HiSilicon, Intel, China Mobile CR Approval
7.1.4AS security
Yes
Yes
merged No S3‑182639  
S3‑182239 Supporting DTLS on gNB internal and external SCTP Interfaces Huawei, Hisilicon, Nokia discussion Endorsement
7.1.12NDS
Yes
Yes
revised No S3‑182516  
S3‑182240 AS SMC Handling Update Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
Yes
agreed No    
S3‑182241 DRAFT Reply LS on RRC Re-establishment security Huawei, Hisilicon LS out Approval
7.1.4AS security
Yes
Yes
revised No S3‑182541  
S3‑182242 Discussion on RRC Re-establishment Security Huawei, Hisilicon discussion Endorsement
7.1.4AS security
Yes
Yes
noted No    
S3‑182243 DRAFT Reply LS on security requirements for RRC connection release Huawei, Hisilicon, China Mobile LS out Approval
7.1.4AS security
Yes
YesEricsson didn’t want to remove this feature and leave it up to RAN2 whether they want t use it. Nokia: we have established in the LTE TS that all redirection shall be protected. We don’t need another network policy for this case. Docomo: how do we know if there's an impact on the service from the UE side?
revised No S3‑182542  
S3‑182244 Study of 5G System Security Phase-2 Huawei, Hisilicon, SID new Approval
8.10New study item proposals
Yes
Yes
revised No S3‑182625  
S3‑182245 DRAFT LS on SCTP Restrictions when supporting DTLS over SCTP Huawei, Hisilicon LS out Approval
7.1.12NDS
Yes
Yes
noted No    
S3‑182246 pCR to TR33.861: Authentication of a group of CIoT devices Huawei, Hisilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182247 pCR to TR33.861: Secure Communication for a group CIoT devices Huawei, Hisilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182248 Key Issue on gNB Protection from CIoT DoS attack Huawei, Hisilicon, China Mobile pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182249 Study on 5G security enhancement Apple Computer Trading Co. Ltd SID new Approval
8.10New study item proposals
Yes
YesORANGE: privacy was covered in 5G phase one already. Interdigital: during fake base station attack, identifiers can be leaked. NCSC: these studies seem to affect only the UE, are studying impact on the core? Apple replied that the core was covered. T-Mobile: overlap with the Huawei SID. The Chair commented that there had been a privacy study item in the past whose results were not satisfactory. ORANGE proposed some rewording regarding privacy. The objectives were also simplified. Ericsson: giving a handbook of threats to 5G is giving a bad image. Let's focus on solutions and not study the threats. Ericsson commented that there was agreement on having focused studies and that they could come back in the next meeting with the different studies. Discussing the content during the present meeting would be time consuming. Huawei agreed.
revised No S3‑182634  
S3‑182250 New WID on Security of the enhancement to the 5GC location services CATT SID new Agreement
8.10New study item proposals
Yes
YesORANGE: some statements are normative. Qualcomm: in SA2 they consider translating what we have in LTE in the 5G system. Security threats are not clear. We don’t think that this is SID is needed. A SID could be needed depending on RAN's work such as broadcast aspects. Ericsson: we should take a look at any work that SA2 is doing.We support this SID with a simplified objective.
revised No S3‑182678  
S3‑182251 Performance aspects for the new 256-bit algorithms CATT pCR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
Yes
revised No S3‑182537  
S3‑182252 Proposed Skeleton for TR SPRINT Corporation draft TR Agreement
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
approved No    
S3‑182253 P-CR proposing Background clause text SPRINT Corporation pCR Agreement
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182254 P-CR proposing Introduction clause text SPRINT Corporation pCR Agreement
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182255 P-CR proposing Scope clause text SPRINT Corporation pCR Agreement
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182256 P-CR proposing Requirements, assumptions and constraint clause text SPRINT Corporation pCR Agreement
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182257 JOSE based protection of messages over N32-f Nokia, NCSC,Nokia Shanghai Bell other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182560  
S3‑182258 Remove EN in 13.2 – Application layer security Nokia,Nokia Shanghai Bell other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673  
S3‑182259 Exchange of N32-f context id during Initial Handshake Nokia,Nokia Shanghai Bell other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673  
S3‑182260 Other Security Procedures for Dual Connectivity Huawei, HiSilicon CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182649  
S3‑182261 Key issue on keys used in GBA Huawei, HiSilicon pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182262 Key issue for fitting GBA into 5G core network functions Huawei, HiSilicon pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182263 Key issue on DoS attack on the network for CIoT Huawei, HiSilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182264 Key issue on security for small data transmission Huawei, HiSilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182265 The SID on security for 5G URLLC Huawei, HiSilicon SID new Approval
8.10New study item proposals
Yes
YesQualcomm: we have seen this before and rejected it. What's new? Huawei: SA2's progressed and they have security issues that need to be taken into account here. Vodafone: we would trigger this SID with an LS from SA2. Docomo: we should start working on our own and not wait for SA2 to start any kind of work. A discussion paper would have been helpful to explain to us what the issues are instead of "security issues were detected". Qualcomm supported this. ORANGE also wanted a discussion paper on what SA2 is doing and the security issues that are identified in their work. Interdigital: asking SA2 for the security issues? That's our job. Huawei clarified that SA2 would finish their study in September.
revised No S3‑182679  
S3‑182266 Discussion-slice-management-security Huawei, HiSilicon, China Mobile, China Unicom, CATR, CATT discussion Endorsement
7.5New Work Item proposals
Yes
YesORANGE didn’t see the need to have a WID on this topic.
noted No    
S3‑182267 WID slicing management security Huawei, HiSilicon, China Mobile, China Unicom, CATR, CATT WID new Approval
7.5New Work Item proposals
Yes
Yes
noted No    
S3‑182268 Draft LS to GSMA on slicing Huawei, HiSilicon LS out Approval
6.4GSMA
Yes
YesQualcomm: we don’t need to ask them whether we need a slice specific authentication. ORANGE: there's no link between the DN and the slice. The secondary authentication is not linked to the NSSAI. Ericsson: keep it simple by confirming SA2's reply.
revised No S3‑182530  
S3‑182269 Amendment to Re-authentication procedure in Secondary Authentication Huawei, HiSilicon CR Agreement
7.1.9Secondary authentication
Yes
YesORANGE: not consistent with what SA2 has in their specification. Huawei commented that was the reason why they were proposing an LS to SA2 where they should add this change.The procedure was broken according to them. ORANGE commented that SA3 was not the right place to discuss this but in SA2. Ericsson: let's ask SA2 with an LS if there is a problem.
not pursued No    
S3‑182270 Draft-LS-out-to-SA2-on secondary re-authentication Huawei, HiSilicon LS out Approval
7.1.9Secondary authentication
Yes
Yes
revised No S3‑182661  
S3‑182271 Presentation on N32 connections and N32-f context Nokia, Juniper,Nokia Shanghai Bell other Presentation
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182272 CR to add N32 definitions Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182550  
S3‑182273 CR to add a missing step to discover an NF producer instance during Access Token Request Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
revised No S3‑182641  
S3‑182274 CR to add Access Token Request procedure for a specific NF service producer Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
revised No S3‑182642  
S3‑182275 Security requirements for API invoker onboarding and offboarding Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182618  
S3‑182276 Modifications on Security procedures for API invoker onboarding Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182610  
S3‑182277 Clarification on Security protections in CAPIF-1 and CAPIF-2 reference point Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesNEC ommented that it's up to the operator to appy security protection, in the first change. This was taken offline.
revised No S3‑182619  
S3‑182278 Clarification on access token verification Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182621  
S3‑182279 Editorial corrections to TS 33.501 Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
YesORANGE: do we need Note 9 in the definition? Vodafone disagreed with the note as well. NOTE 2 was brought back as the change was argued by NEC.
revised No S3‑182657  
S3‑182280 FC value in TS 33.220 Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182623  
S3‑182281 Adding FC value to TS 33.122 Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑182624  
S3‑182282 Access token profile Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesMotorola commented that the whole access token was to be defined in the annex, so this was needed.It was agreed to reword it.
merged No S3‑182620  
S3‑182283 Key Issue on mutual authentication between UE and BSF Huawei, Hisilicon pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182284 Corrections on primary authentication Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
YesThe addition in bullet 5 wasn't fully understood.
revised No S3‑182658  
S3‑182285 Delay the transmission of kseaf after home network verifies the RES_star Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No    
S3‑182286 editorial modification on TR33.856 Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
Yes
revised No S3‑182693  
S3‑182287 Dicussion on security handling when deploying UDSF Huawei, Hisilicon discussion Endorsement
7.1.6Security context
Yes
YesIntel:we should not be implementation specific. Docomo: Is it necessary to have KSEAF stored anywhere in Rel-15? It's not clear to me why they need to store it. Ericsson proposed to remove the requirement on the storage. It was confusing for SA2.
noted No    
S3‑182288 evaluation of solution 1.1 for KI#1 Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesORANGE: remove "basis of normative work".
revised No S3‑182687  
S3‑182289 a proposal for the key issue on protecting the SRVCC capability of TR33.856 Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesEricsson didn’t agree with this scenario. Huawei commented that this scenario was coming from SA2. Nokia agreed with Ericsson. They didn’t agree with this key issue. Qualcomm agreed with this key issue.
revised No S3‑182684  
S3‑182290 a proposal for protecting the SRVCC capability of TR33.856 Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
Yes
revised No S3‑182686  
S3‑182291 conclusion for key issue on protecting the SRVCC capability in initial NAS message Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesHuawei: SA2 has concluded on this issue. ORANGE: has SA2 decided to go for normative work? Huawei replied that they have an existing WID.
revised No S3‑182691  
S3‑182292 Discussion on initial NAS message Protection Solution Huawei, Hisilicon discussion Discussion
7.1.5NAS security
Yes
Yes
noted No    
S3‑182293 Delete initial NAS message protection solution Huawei, Hisilicon CR Approval
7.1.5NAS security
Yes
YesQualcomm didn't agree wih the removal.
not pursued No    
S3‑182294 LS on INACTIVE Security Algorithms Negotiation Huawei, Hisilicon LS out Approval
7.1.4AS security
Yes
Yes
noted No    
S3‑182295 Security Algorithms Negotiation for INACTIVE related procedures Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
YesEricsson: this was brought earlier and it wasn’t agreed.
not pursued No    
S3‑182296 Involve Fresh Parameters to Input of InactiveMAC-I to Avoid Replay Attack Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
Yes
noted No    
S3‑182297 Discussion on input for InactiveMAC-I to avoid replay attack Huawei, Hisilicon discussion Discussion
7.1.4AS security
Yes
Yes
noted No    
S3‑182298 Alignment of terminology in RRCConnctionReestablsihment Procedure in R14 Huawei, Hisilicon CR Approval
7.4.1SAE/LTE Security
Yes
Yes
revised No S3‑182602  
S3‑182299 Alignment of terminology in RRCConnctionReestablsihment Procedure in R15 Huawei, Hisilicon CR Approval
7.4.1SAE/LTE Security
Yes
Yes
revised No S3‑182603  
S3‑182300 Key Issue on IoT Terminal Security Monitoring Huawei, Hisilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182301 Align AS SMC procedure with SA2 and RAN3 Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
YesQualcomm, Ericsson: content is OK but the location is not correct. It was agreed to change this in order to just show a reference to the relevant TS. Nokia didn’t agree with the last paragraph of the change.
revised No S3‑182650  
S3‑182302 Hanldling UP security policy in MRDC Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
Yes
not pursued No    
S3‑182303 skeleton of TS 33511 Huawei, Hisilicon draft TS Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
Yes
approved No    
S3‑182304 scope of TS 33511 Huawei, Hisilicon pCR Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
Yes
approved No    
S3‑182305 security requirements and corresponding test cases for gNB Huawei, Hisilicon pCR Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
YesNEC: some requirements are internal to the product and not possible to test. E.g. 4.2.2.1.Z. Huawei commented that this was following the same pattern as the SCAS for eNodeB. Nokia didn’t agree with this pCR.
noted No    
S3‑182306 skeleton of TS 33515 Huawei, Hisilicon draft TS Approval
7.2.5Session Management Function (SMF) (TS 33.515)
Yes
Yes
revised No S3‑182599  
S3‑182307 scope of TS 33515 Huawei, Hisilicon pCR Approval
7.2.5Session Management Function (SMF) (TS 33.515)
Yes
Yes
approved No    
S3‑182308 EDCE5 security requirements and corresponding test cases for MeNB Huawei, Hisilicon CR Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
YesNEC: 4.2.2.1.E is too detailed. Nokia had also some issues that had to be taken offline.
not pursued No    
S3‑182309 skeleton of TR 33807 Huawei, Hisilicon draft TR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
approved No    
S3‑182310 scope of TR33807 Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182311 new requirement of 5G RG Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182312 new requirement of NAS security Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182313 new requirement of multi NAS connection Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182314 new requirement of UP security Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182315 new requirement of truted access Huawei, Hisilicon pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182316 Clarifications in TS 33117 Huawei, Hisilicon CR Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
YesEricsson didn’t agree with the second change, since it was ambiguous. Leaving the door open NEC didn’t agree with the editor's note. Huawei agreed to remove it but they noted that the issue was still open. MCC commented that this CR would need to correct the issue in lower releases.
revised No S3‑182612  
S3‑182317 CR on mandatory ciphering of access tokens by NRF in inter-PLMN scenarios Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
YesEricsson commented that this was not needed (Cyphering with a token). NCSC: more work is needed in the reference to the document [45] that is about sing-in.
not pursued No    
S3‑182318 CR to remove Editor’s Note on additional claims in the access token Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
YesHuawei didn't agree with removing the scope. Nokia agreed with putting it back.
revised No S3‑182566  
S3‑182319 CR to remove Editor’s Note on additional parameters that may be required in step 1 of Figure 13.4.1.1-2 Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
revised No S3‑182567  
S3‑182320 CR to remove Editor’s Note on verification of claims in the access token Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
merged No S3‑182568  
S3‑182321 pCR to DraftCR - Protection Policies KPN N.V. other Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesDocomo: "Which IPX providers are authorized to perform modifications" not required if we don’t have a next hop. Delete this line.If we have a next hop identifier this is not required. It was commented that KPN was not present in the meeting to agree on the changes. DT proposed to take this over.
revised No S3‑182555  
S3‑182322 For Information: Discussion document on dealing with maliciously behaving devices KPN N.V. discussion Information
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182323 For Information: Potential new key issue KPN N.V. other Information
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182324 For Information: A potential new solution for dealing with maliciously behaving devices KPN N.V. other Information
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182325 Session Key Derivation for N32-f Application Layer Security NCSC other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182553  
S3‑182326 Agenda and notes of SA3 conference call on remaining Rel-15 SBA work Deutsche Telekom AG discussion Information
7.1.13.2Other
Yes
Yes
noted No    
S3‑182327 Agenda and notes of CT4/SA3 conference call on N32 Deutsche Telekom AG discussion Information
7.1.13.2Other
Yes
Yes
noted No    
S3‑182328 Agenda and notes of SA3 conference call on N32 Deutsche Telekom AG discussion Information
7.1.13.2Other
Yes
Yes
noted No    
S3‑182329 CR-slice-management-security Huawei, HiSilicon, China Mobile, China Unicom, CATR, CATT CR  
7.1.16Others
Yes
YesColin (BT) asked whether it was about management of network slices as signalling. MCC queried whether network slicing management security was part of the objectives of the 5G phase one security WID. ORANGE commented that it was part of the objectives of this WID to work on 5G security issues that were being done in other working groups (SA5 in this case). MCC commented that it may be argued that a revised WID for 5G Phase one would be needed to add this or a new WID to add this new security feature. The CR was finally agreed.
agreed No    
S3‑182330 SBA Security in the Context of 5G SCAS Work Deutsche Telekom AG, Nokia discussion Endorsement
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
endorsed No    
S3‑182331 Document Skeleton for TS 33.512, based on TS 33.116 Deutsche Telekom AG draft TS Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
revised No S3‑182594  
S3‑182332 Update to WID 5G SCAS Nokia, Nokia Shanghai Bell, Huawei, HiSilicon, China Unicom, CATT, Deutsche Telekom, ZTE, Samsung, KPN, NEC, British Telecom, China Mobile WID revised Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
Yes
revised No S3‑182525  
S3‑182333 Discussion on Security Assurance for 3GPP Virtualized Network Products Nokia, Nokia Shanghai Bell, China Mobile discussion Endorsement
8.10New study item proposals
Yes
Yes
noted No    
S3‑182334 New WID on security aspects of single radio voice continuity from 5G to 3G China Unicom, Huawei, HiSilicon, ZTE, CATT, OPPO WID new  
7.5New Work Item proposals
Yes
YesAlex(BT): in 5G we rely on VoLTE. Scenarios 2 and 3 are unclear since I don’t know what we are standardising. ORANGE commented that the current percentage of completion of the study (50%) may not justify this work item. Ericsson asked about the status of the study in SA2. It was commented that SA2 hadn’t completed the study yet.
revised No S3‑182671  
S3‑182335 On the alignment of N32 terminology Deutsche Telekom AG, Juniper Networks Inc. discussion Endorsement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182336 Evaluation for solution #1.1 China Unicom pCR  
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesEricsson: the parameter is not new.
revised No S3‑182688  
S3‑182337 Closing the open Action Item for implementing one NESAS Pilot Finding in SCAS specification Nokia, Nokia Shanghai Bell discussion Endorsement
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
noted No    
S3‑182338 Evaluation for solution #1.2 China Unicom pCR  
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesEricsson: keep the evaluation but the last sentence seems not to be aligned with SA2.
revised No S3‑182689  
S3‑182339 A scenario on secure communication for shared bikes Alibaba (China) Group., Ltd. pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
revised No S3‑182518  
S3‑182340 References to encrypted IEs in the rewritten HTTP message Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182341 N32-f context Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182552  
S3‑182342 Message flows including SEPP Ericsson CR Agreement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
not pursued No    
S3‑182343 Authentication for token-based authorization Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
agreed No    
S3‑182344 Clarifications and editorials to clause 13.1 (Transport security for service based interfaces) Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
withdrawn Yes    
S3‑182345 Clarifications and editorials to clause 13.3 (authentication and static authorization between network functions) Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
merged No S3‑182569  
S3‑182346 Update to LS on Implementation of NESAS Pilot Findings in SCAS specifications Nokia, Nokia Shanghai Bell LS out Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
YesHuawei didn't agree with the second paragraph.
revised No S3‑182701  
S3‑182347 Evaluation for solution #1.3 China Unicom pCR  
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
Yes
revised No S3‑182690  
S3‑182348 EDCE5 – Fixing contradicting and insecure scg/sk counter handling in 33.401 from 36.331 Ericsson CR Agreement
7.4.11EPC enhancements to support 5G New Radio via Dual Connectivity (EDCE5)
Yes
YesNokia didn't agree with this. Stick to one counter; RAN2 is wrong, so we need to tell them with an LS (S3-182616).
not pursued No    
S3‑182349 LTE EDT - Updates in suspend/resume Ericsson CR Agreement
7.4.1SAE/LTE Security
Yes
YesHuawei: RAN2 has gone already gone for 16 bits so let's move on. Ericsson: this is a new feature; I don’t understand why this is not integrity protected. This document was taken offline.It was decided to send an LS to RAN2 as well (S3-182605).
revised No S3‑182604  
S3‑182350 DC - definition corrections Ericsson CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182648  
S3‑182351 Handling of maximum supported data rate per UE for integrity protection of DRBs Ericsson CR Agreement
7.1.4AS security
Yes
YesHuawei: policing the rate is causing an unnecessary burden on the gNB.(on the sentence "if the UE indicates 64 kbps as its maximum data rate, then the network turns on the integrity protection for user plane data only for total data rates equal to or lower than 64 kbps. "). Nokia: nothing new here, SA2 has captured it already. It was decided to drop this given that it was captured already in SA2.
not pursued No    
S3‑182352 DC - integrity protection of traffic between UE and SN Ericsson CR Agreement
7.1.4AS security
Yes
YesHuawei and Qualcomm didn’t agree with this change. Ericsson: Removing this assumes that the ng-eNB is not supporting integrity protection. Vodafone supported this change. Docomo: all dual connectivity types have no integrity protection supported? It was answered yes. It was also clarified that in pure 5G gNB-gNB there is integrity protection. DT also supported the notion of this change, but they commented that thing should be normative and not go into a note. Qualcomm: dual connectivity where one RAN is LTE and the other is NR, we don’t support integrity protection. This was the agreement during the last meeting. Ericsson eventually dropped this proposal and commented that they would come back with a modified proposal based on this.
not pursued No    
S3‑182353 DC - adding missing details Ericsson CR Agreement
7.1.4AS security
Yes
Yes
merged No S3‑182649  
S3‑182354 Reply LS on inactive security Ericsson LS out Approval
7.1.4AS security
Yes
Yes
revised No S3‑182640  
S3‑182355 Reply LS on connection re-establishment security Ericsson LS out Approval
7.1.4AS security
Yes
YesSamsung: if we go for the LTE solution the message is not encrypted. Huawei: RAN2 is fine with the first message not being encrypted. Nokia: introducing this new complexity does not bring a noticeable benefit. The Chair noted that there was a big support for keeping the LTE mechanism. Huawei advocated for the existing solution in TS 33.501 and communicate it to RAN2.
merged No S3‑182541  
S3‑182356 DC - Handling of UP security policy in SN Ericsson CR Agreement
7.1.4AS security
Yes
Yes
not pursued No    
S3‑182357 DC - Selection of SN Ericsson CR Agreement
7.1.4AS security
Yes
Yes
not pursued No    
S3‑182358 Reply LS on BL/WLAN measurement collection in MDT Ericsson LS out Approval
7.1.4AS security
Yes
YesInterdigital: spoofing of the SSID should be addressed as well.
revised No S3‑182529  
S3‑182359 Reply LS on UE identity for PO calculation Ericsson LS out Approval
7.1.4AS security
Yes
Yes
revised No S3‑182539  
S3‑182360 Reply LS on security requirements for RRC connection release Ericsson LS out Approval
7.1.4AS security
Yes
Yes
merged No S3‑182542  
S3‑182361 Reply LS on Security aspects of supporting LTE connected to 5GC Ericsson LS out Approval
7.1.4AS security
Yes
Yes
revised No S3‑182538  
S3‑182362 DC – correcting reference Ericsson CR Agreement
7.1.4AS security
Yes
Yes
agreed No    
S3‑182363 Mobility – Clarification in intra-gNB-CU handover Ericsson CR Agreement
7.1.3Mobility
Yes
YesHuawei: Meaning of intra gNB handover is not to be explained by SA3. It had to be check offline whether the Intra gNB CU Handover existed in other groups specifications. Ericsson: we don’t need to distinguish between intra gNB and CU handover. We need to generalise it for just Intra gNB.
revised No S3‑182666  
S3‑182364 Mobility – Correcting AS re-keying and NAS re-keying in N2-handover Ericsson CR Agreement
7.1.3Mobility
Yes
YesZTE: this will make CT4 to change terminology. Ericsson: we are not introducing a new flag, this was existing already.
merged No S3‑182585  
S3‑182365 Mobility – Correcting to UE handling clause Ericsson CR Agreement
7.1.3Mobility
Yes
YesDiscussed together with 483.
merged No S3‑182590  
S3‑182366 Mobility – Resolving EN and corrections in AS re-keying Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
revised No S3‑182591  
S3‑182367 Mobility – Corrections for usage of local policy at AMF Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
revised No S3‑182636  
S3‑182368 Mobility – Rectification of NAS MAC calculation for NAS Container Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
revised No S3‑182586  
S3‑182369 Mobility – Rectification of how DL NAS COUNT is transferred in NAS Container Ericsson CR Agreement
7.1.3Mobility
Yes
YesQualcomm: CT1 has chosen 8 LSB already. Ericsson: this just brings clarification. This had to be checked offline. Since an LS to CT1 was agreed to be sent, Ericsson decided to drop this revision.
not pursued No    
S3‑182370 Mobility – Correction of NAS COUNTs in N2-handover Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No    
S3‑182371 Mobility – Removing an EN in Xn-handover Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No    
S3‑182372 Mobility – Rectification of UE security capabilities in NAS Container Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No    
S3‑182373 Mobility – Rectification of how UL NAS COUNT is transferred in NAS SMC Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
merged No S3‑182638  
S3‑182374 Privacy – adding missing detials in SUCI content and format Ericsson CR Agreement
7.1.14Privacy
Yes
YesQualcomm agreed with using 4 bits instead of 8 as proposed by Huawei in tdoc 514. Qualcomm: using the routing identifier bits is optional. It was agreed to have a field for the routing id. ORANGE: define a default value that means "not used". Huawei: not SA3's work, but CT4's.
revised No S3‑182535  
S3‑182375 Privacy - addressing ENs Ericsson CR Agreement
7.1.14Privacy
Yes
Yes
revised No S3‑182571  
S3‑182376 Update of definition of 5G AS security context for 3GPP access Ericsson CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182652  
S3‑182377 Use the old KRRCint for calculation of the security token in MSG3 Ericsson CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182639  
S3‑182378 Security enhancements in LTE Ericsson discussion Endorsement
8.10New study item proposals
Yes
Yes
noted No    
S3‑182379 Security enhancements in 5G Ericsson discussion Endorsement
8.10New study item proposals
Yes
YesQualcomm: we cannot limit to these two points.
noted No    
S3‑182380 N32 session key derivation and key hierarchy Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182553  
S3‑182381 Removal of MAC based OAuth2.0 token verification Ericsson CR Agreement
7.1.13.2Other
Yes
YesChina Mobile and Huawei didn’t agree with the change. Vodafone: we may have different security levels considering that we have concepts like Edge Computing.
not pursued No    
S3‑182382 OAuth Client Registration up to implementation Ericsson CR Agreement
7.1.13.2Other
Yes
YesORANGE didn’t like to remove the reference to the SA2 document. No reason to make it implementation specific.DT supported this.
not pursued No    
S3‑182383 Removal of token validation by NRF Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
revised No S3‑182568  
S3‑182384 NRF Access Token Service Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
merged No S3‑182641  
S3‑182385 Clarifications on OAuth access token scope Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
merged No S3‑182641  
S3‑182386 TLS export Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182554  
S3‑182387 N32 terminology and restructuring Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182551  
S3‑182388 HTTP basic authentication to NRF Ericsson CR Agreement
7.1.13.2Other
Yes
YesDT: if we use dummy values why do we authenticate at all? We need to consult CT4 about it. Huawei didn't agree with this either.
not pursued No    
S3‑182389 NF Instance ID in HTTP basic authentication username in Rel-15 Ericsson discussion Discussion
7.1.13.2Other
Yes
Yes
noted No    
S3‑182390 Message Routing in N32 Ericsson discussion Discussion
7.1.13.1Interconnect (SEPP related)
Yes
YesHuawei didn’t agree with these proposals. It was agreed to send an LS to CT4.
noted No    
S3‑182391 Propose the content of conclusions China Unicom pCR  
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
YesAlex (BT): if this is the conclusion the TR misses the condition from SA plenary that moving down to UMTS would not cause any impact on 5G. Huawei: this is the conclusion of the key issues only. It was agreed to add an editor's note on this: "Confirmation that solutions do not weaken 5G security (including privacy) for operators not using 5G to UMTS SRVCC needs to be confirmed, as required by SA plenary study agreement."
revised No S3‑182692  
S3‑182392 Clarification of ngKSI and ABBA parameter in 5G-AKA Intel Corporation (UK) Ltd CR Approval
7.1.8Primary authentication
Yes
Yes
revised No S3‑182533  
S3‑182393 Clarification for ngksi and ABBA parameter for EAP-AKA’ Intel Corporation (UK) Ltd CR  
7.1.8Primary authentication
Yes
Yes
revised No S3‑182534  
S3‑182394 Discussion on ngKSI Intel Corporation (UK) Ltd discussion  
7.1.8Primary authentication
Yes
Yes
noted No    
S3‑182395 AKMA Architecture for Non-3GPP Credential Download Alibaba (China) Group., Ltd. pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
revised No S3‑182520  
S3‑182396 Reply LS on Initial NAS Message Protection Intel Corporation (UK) Ltd LS out  
7.1.5NAS security
Yes
Yes
noted No    
S3‑182397 Steering of Information using Secure Packet Intel Corporation (UK) Ltd CR  
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑182398 Missing procedure for AS algorithm negotiation for unauthenticated emergency sessions Ericsson CR Agreement
7.1.4AS security
Yes
Yes
merged No S3‑182646  
S3‑182399 Corrections and clarifications to interworking clauses Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
revised No S3‑182581  
S3‑182400 Removal of editor’s note on harmonization between inter and intra system handovers Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
revised No S3‑182576  
S3‑182401 Clarifications related to the NAS Container calculation during inter system handover Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
revised No S3‑182575  
S3‑182402 Addition of missing reference to RFC on DTLS over SCTP Ericsson CR Agreement
7.1.12NDS
Yes
YesHuawei: add a note on the limitation during implementation. ORANGE: this is implementing the agreement from last meeting. Ericsson: we only minuted last meeting that we needed to fix the reference.
agreed No    
S3‑182403 Correction of Note on physical protection for NDS/IP use Ericsson CR Agreement
7.1.12NDS
Yes
YesDT: say "if" and not "In case". BT: the specs are control plane only, why remove these words? It was agreed to remove the note.
revised No S3‑182662  
S3‑182404 New key issue for security key refreshing Ericsson pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182405 New key issue for security key storage Ericsson pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182406 New key issue for security key and authentication tag size Ericsson pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182407 New key issue for integrity protection of small data Ericsson pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182408 New key issue for encryption of small data Ericsson pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182409 Multiple NAS connections: mobility with horizontal KAMF derivation Ericsson CR Agreement
7.1.5NAS security
Yes
YesNEC: we don’t reestablish IPSec as described in step 3. Ericsson: we have to keep this if it is not described somewhere else. Qualcomm: handover over 4G, and other cases should also be described here. It was agreed to send an LS to CT1 to know their opinion on the results of the agreements in SA3.
not pursued No    
S3‑182410 Correction to clause 6.9.5.2 Ericsson CR Agreement
7.1.5NAS security
Yes
Yes
merged No S3‑182656  
S3‑182411 Multiple NAS connections: taking a new security context into use on non-3GPP access Ericsson CR Agreement
7.1.5NAS security
Yes
YesNokia: the existing IPSec would have to be deleted and then created again. Revised to add this clarification.
revised No S3‑182654  
S3‑182412 Support for Unauthenticated UEs access to RLOS using EPC Intel Corporation (UK) Ltd pCR  
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182413 On the need for error signalling in inter-PLMN communication Deutsche Telekom AG discussion Endorsement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182561  
S3‑182414 Editorial correction to figure 6.2.1-1 Key hierarchy generation in 5GS NEC Corporation CR Approval
7.1.1Key hierarchy
Yes
Yes
merged No S3‑182573  
S3‑182415 Correction to Clause 5.11.2 Requirements for algorithm selection NEC Corporation CR Approval
7.1.4AS security
Yes
Yes
agreed No    
S3‑182416 EPC solution for RLOS access Intel Corporation (UK) Ltd pCR  
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
noted No    
S3‑182417 Removal of Note 2a on Kausf use case restriction NEC Corporation CR Approval
7.1.8Primary authentication
Yes
Yes
revised No S3‑182659  
S3‑182418 Clarification on Storage of SUPI at SEAF NEC Corporation CR Approval
7.1.8Primary authentication
Yes
YesVodafone: store "securely". This was agreed. ORANGE, DT, BT: don’t delete the SUPI, just store it.
not pursued No    
S3‑182419 Editorial correction to TS 33.501 NEC Corporation CR Approval
7.1.16Others
Yes
Yes
agreed No    
S3‑182420 Skeleton for TS 33.514 SCAS UDM NEC Corporation pCR Approval
7.2.4Unified Data Management (UDM) (TS 33.514)
Yes
YesChina Mobile: why do we have a general security requirements clause and a specific requirements clause? Samsung: the general requirements are for all the network entities.
revised No S3‑182598  
S3‑182421 Scope proposal for TS 33.514 SCAS UDM NEC Corporation pCR Approval
7.2.4Unified Data Management (UDM) (TS 33.514)
Yes
Yes
approved No    
S3‑182422 Mitigation against fraudulent registration attack between SEPPs Huawei, Hisilicon CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesNCSC: this is not needed. There was no support for this document so it was not pursued.
not pursued No    
S3‑182423 Discussing about the necessity of SCAS for 3GPP virtualized network products China Mobile discussion Discussion
8.10New study item proposals
Yes
Yes
noted No    
S3‑182424 Discussing about ToE of SCAS for 3GPP virtualized network products China Mobile discussion Decision
8.10New study item proposals
Yes
Yes
noted No    
S3‑182425 Discussing about the SECAM and SCAS for 3GPP virtualized network products China Mobile discussion Decision
8.10New study item proposals
Yes
Yes
noted No    
S3‑182426 Implications of Network Function Virtualisation BT plc discussion Discussion
8.10New study item proposals
Yes
Yes
noted No    
S3‑182427 New SID on SECAM and SCAS for 3GPP virtualized network products China Mobile, Nokia, Nokia Shanghai Bell, China Unicom, CAICT, CATT, ZTE SID new  
8.10New study item proposals
Yes
YesAlex (BT): it misses whether we have to make changes in the architecture in order to virtualize it. Ericsson: this assumes impact on our architecture and we want to avoid that. Enhancement on the existing architecture is not what SCAS is about. NCSC: let's extend it beyond SCAS. The Chair commented that this could duplicate work done in other groups like ETSI ISG NFV. Better to separate SCAS activities from architecture enhancements. Colin (BT): deployment issues are in scope of GSMA. Ericsson: we will not be doing security assurance for platforms (e.g. proposed by ETSI NFV). Nokia: this is a study, there is no normative output here. Ericsson conceded given that this was a study.
revised No S3‑182681  
S3‑182428 A scenario on UAV Nav in AKMA China Mobile pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
YesORANGE: we don’t need new scenarios here unless they bring any substantial change in the architecture. Interdigital supported this. Companies had many issues with the scenario described here. 429 and 577 were opened to show new scenarios and try to figure out whether these scenarios brough key issues and architecture changes. Huawei: scenarios belong to SA1. We normally have key issues instead of scenarios in our TRs. ORANGE clarified that the scenarios could be brought as justification for the key issue in a discussion paper. ORANGE reminded that this was an internal TR, not intended for sharing externally. This had to be taken offline.
noted No    
S3‑182429 A scenario on V2X communication in 5G China Mobile pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182430 Discussion and pCR for secure tranferring between network and 3rd party in AKMA China Mobile, DT, KPN, LG electronics, Alibaba (China) Group., Ltd. pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182431 Discussion and pCR for identity key issue of AKMA China Mobile, DT, KPN, Alibaba (China) Group., Ltd. pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
revised No S3‑182526  
S3‑182432 Discussion and pCR for decoupling secure procedure with specific protocol in AKMA China Mobile, KPN, LG electronics, Alibaba (China) Group., Ltd. pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182433 Revision of the modification policy in draft CR S3-181937 China Mobile other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182558  
S3‑182434 Discussion on provision of ngKSI to UE in EAP-Request/AKA'-Challenge message Huawei, Hisilicon discussion Endorsement
7.1.8Primary authentication
Yes
Yes
noted No    
S3‑182435 Discussion of error handling for SBA China Mobile discussion Discussion
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182436 Generic description of security elements Nokia, Nokia Shanghai Bell CR  
7.1.16Others
Yes
Yes
revised No S3‑182613 S3‑181892
S3‑182437 Clarification to key hierarchy Nokia, Nokia Shanghai Bell CR  
7.1.1Key hierarchy
Yes
YesIt was unclear the term "shall be prepared to support 256-bit keys". Ericsson commented that all interfaces support already 256 bits. This sentence was reworded in the revision.
revised No S3‑182573  
S3‑182438 Editorial changes to clause 9 Nokia, Nokia Shanghai Bell CR  
7.1.16Others
Yes
YesEricsson: these services are described in our specification. MCC: not possible to "un-void" clauses. It should have been rev 2. Ericsson: clause 9.5.1 is referring to the very same spec. Not necessary.
revised No S3‑182664 S3‑181895
S3‑182439 Collection of editorial changes Nokia, Nokia Shanghai Bell CR  
7.1.16Others
Yes
Yes
revised No S3‑182528  
S3‑182440 Update on SEAF requirements Nokia, Nokia Shanghai Bell CR  
7.1.8Primary authentication
Yes
Yes
revised No S3‑182589 S3‑181894
S3‑182441 Addition of definitions and corrections to references Nokia, Nokia Shanghai Bell CR  
7.1.16Others
Yes
Yes
revised No S3‑182582  
S3‑182442 Corrections to references related to handling of security contexts in mobility procedures Nokia, Nokia Shanghai Bell CR  
7.1.10Interworking
Yes
Yes
revised No S3‑182540  
S3‑182443 Clarification to support of authentication methods Nokia, Nokia Shanghai Bell CR  
7.1.8Primary authentication
Yes
Yes
revised No S3‑182680  
S3‑182444 Intro to FS_VERTICAL_LAN_SEC Nokia, Nokia Shanghai Bell discussion  
8.10New study item proposals
Yes
Yes
noted No    
S3‑182445 SID_FS_VERTICAL_LAN_SEC Nokia, Nokia Shanghai Bell SID new  
8.10New study item proposals
Yes
Yes
revised No S3‑182682  
S3‑182446 Provision of ngKSI to UE at EAP-Request/ AKA'-Challenge Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
Yes
merged No S3‑182534  
S3‑182447 Error handling for SBA authentication and authorization in service layer China Mobile CR  
7.1.13.1Interconnect (SEPP related)
Yes
YesDT: what's the benefit of silently discarding here? Also, there is normative text in the notes. China Mobile: we need a procedure to deal with this error handling. DT proposed to include these changes in the error messages that they had brought in the discussion paper. In any case the error messages were to be worked on in CT4 so an LS would be sent to them. This was agreed. BT: "silently discard" wording is used when there is an overload.
revised No S3‑182563  
S3‑182448 [DRAFT] Reply LS to LS on provision of ngKSI to UE at EAP-Request/AKA'-Challenge Huawei, Hisilicon LS out Approval
7.1.8Primary authentication
Yes
Yes
revised No S3‑182532  
S3‑182449 Discussion on clarification of concept of slice authentication China Mobile discussion Endorsement
8.9Other study areas
Yes
YesORANGE: cat 1 and cat 2 can be discarded. I can agree with cat 3, this slice authentication comes after a succesful primary authentication. I agree with the conclusion. Colin (BT) agreed with cat 3 as well. China Mobile asked to be minuted that the SA3 preference was on cat 3. ORANGE added that this would be with some modification on the objectives of the Study Item in 2212.
noted No    
S3‑182450 Clarification on motivation and privacy concerns for BT and WLAN measurement collection in MDT China Mobile discussion  
7.4.16Other work items
Yes
YesBT: there's an integrity issue, you can set the SSID to anything you like (spoofing).The initial connection cannot be trusted. Vodafone: we are concerned about the provisioning aspects of the SSID as well. Nokia: How does the bluetooth improve the privacy? There is no use for Bluetooth in this case. China Mobile replied that the operator must have the user consent at first. The user knows that the operator will collect something. Alec (Interdigital) commented that the user consent was not enough to ensure privacy. The identity should not be given. Giving away the location would not help either if they capture the user's Bluetooth beacon. Ericsson: it's not up to us to discuss the usefulness of this.Integrity and confidentiality protection would secure this case enough. Docomo: the operator wants to collect their own Bluetooth beacon, not the user's.They only measure WLAN APs with a certain name as well. A major issue is the use of fake base stations. How to do self-configuration in a secure way would be useful to work on a future work item. Vodafone: roamers have an issue.
noted No    
S3‑182451 Discussion on charging fraud attack Huawei, Hisilicon discussion Endorsement
7.1.16Others
Yes
YesVodafone commented that a SID would be useful to study the different fraud possibilites but Tim wasn't convinced that a solution or an implemented fix would be enough. Docomo and ORANGE agreed. A SID could be useful. Qualcomm commented that the visited network had to be trusted. They weren't sure of what could be done here. Qualcomm asked Huawei to bring more details in order to consider a Study Item. It was agreed that Huawei would bring more details in the next meeting.
noted No    
S3‑182452 Clarification on authentication and authorization in SBA Huawei, Hisilicon CR Approval
7.1.13.2Other
Yes
Yes
revised No S3‑182569  
S3‑182453 Adding OAuth related authorization services for SBA security Huawei, Hisilicon CR Approval
7.1.13.2Other
Yes
Yes
revised No S3‑182670  
S3‑182454 TS 33.834 - editorial updates Vodafone Espańa SA pCR Approval
8.2Study on Long Term Key Update Procedures (FS_LTKUP) (Rel-16)
No
Yes
withdrawn Yes    
S3‑182455 Draft LS to ETSI SCP regarding the integration of LTKUP solution 4B into the OTA specifications. Vodafone Espańa SA LS out Agreement
8.2Study on Long Term Key Update Procedures (FS_LTKUP) (Rel-16)
No
Yes
withdrawn Yes    
S3‑182456 CR to TS 33.163 (BEST) - correction of Tag values Vodafone Espańa SA CR Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
revised No S3‑182627  
S3‑182457 CR to TS33.163 (BEST) - clarification of error conditions Vodafone Espańa SA CR Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
No
Yes
withdrawn Yes    
S3‑182458 CR to 33.163 - Clarification as to when the Serving Network TLV is required Vodafone Espańa SA CR Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
agreed No    
S3‑182459 References to encrypted IEs in the rewritten HTTP message Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
No
Yes
withdrawn Yes    
S3‑182460 N32-f context Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
No
Yes
withdrawn Yes    
S3‑182461 Message flows including SEPP Ericsson CR Agreement
7.1.13.1Interconnect (SEPP related)
No
Yes
withdrawn Yes    
S3‑182462 Authentication for token-based authorization Ericsson CR Agreement
7.1.13.2Other
No
Yes
withdrawn Yes    
S3‑182463 Clarifications and editorials to clause 13.1 (Transport security for service based interfaces) Ericsson CR Agreement
7.1.13.2Other
No
Yes
withdrawn Yes    
S3‑182464 Clarifications and editorials to clause 13.3 (authentication and static authorization between network functions) Ericsson CR Agreement
7.1.13.2Other
No
Yes
withdrawn Yes    
S3‑182465 Clarifications and editorials to clause 13.1 (Transport security for service based interfaces) Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
revised No S3‑182570  
S3‑182466 LTKUP: solution#5 evaluation Gemalto N.V. pCR Approval
8.2Study on Long Term Key Update Procedures (FS_LTKUP) (Rel-16)
Yes
YesVodafone: this may misinterpret key issue 5. Vodafone commented that there were issues left and that they wanted to continue the study.
revised No S3‑182696  
S3‑182467 Key Issue on Authentication Huawei, Hisilicon pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
noted No    
S3‑182468 Support of 256-bit algorithms: references Gemalto N.V. pCR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
YesNCSC: 64 bits is only legacy, it should be 96bits and longer. Vodafone wanted the first change removed.
revised No S3‑182675  
S3‑182469 Support of 256-bit algorithms: changes Gemalto N.V. pCR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
YesNCSC objected to the first change. There were many other concerns on this document so it was finally noted.
noted No    
S3‑182470 Updates on Security Mechanism for Steering of Roaming Samsung, Qualcomm Incorporated, T-Mobile USA CR  
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
agreed No    
S3‑182471 Mending MCC EditHelp Comments Deutsche Telekom AG pCR Agreement
8.1Study on Security Aspects of the 5G Service Based Architecture (FS_SBA-Sec) (Rel-15)
Yes
Yes
approved No    
S3‑182472 Assignment of FC values to AEFPSK derivation Samsung CR  
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑182624  
S3‑182473 Clarifications on the calculation of NAS-MAC for RRCConnection re-establishmentwith Control Plane CIoT optimisations (Rel-14) Qualcomm Incorporated CR Agreement
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
revised No S3‑182614  
S3‑182474 Clarifications on the calculation of NAS-MAC for RRCConnection re-establishmentwith Control Plane CIoT optimisations (Rel-15) Qualcomm Incorporated CR Agreement
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
revised No S3‑182615  
S3‑182475 Initial NAS security discussion Qualcomm Incorporated, DT, Vodafone, KPN discussion Endorsement
7.1.5NAS security
Yes
YesDT: this is not only protecting the message in its current form but also it is safe for the future. Nokia: too late to change the cal flow, impact on current implementations.I don’t see the threat of the UE being traceable, nothing to protect here. Vodafone supported Qualcomm's assesment on reverse engineering. Interidigital: GUTI carries AMF identifier and it is enough to identify a number of UEs that work with an AMF. Intel: ProSe is not supported in Rel-15, there is no clear threat analysis done and we propose to postpone this for Rel-16. Ericsson agreed with Intel: it is too late and we are concerned with the impact on stage 2. Postpone to Rel-16. Vodafone: we had agreed on a change on this. We would need a CR to revert this and it's not postponing: it's taking an action. Qualcomm agreed with Vodafone. SA3 has rejected this CR twice already. AT&T: if we don't do it now, we may not do it at all. Docomo agreed. Nokia: is this an essential feature? Ericsson: it's fine to introduce this in later Releases. Docomo: Why is CT1 worried about the delay? Partial cyphering was present in LTE already. The Chair requested a show of hands on 292 and 475. Tdoc 292: Nokia, LG,Intel,Huawei,Ericsson, ZTE. Tdoc 475: Vodafone, Qualcomm, IDEMIA,Docomo, DT,ORANGE,Interdigital,BT,NIST,China Mobile,AT&T,Vodafone, Airbus,Gemalto.
noted No    
S3‑182476 Reply LS on initial NAS message protection Qualcomm Incorporated LS out Approval
7.1.5NAS security
Yes
YesEricsson: it is important to analyze impacts on stage 2. DT: security by default should be the solution we should aim for. The Chair suggested that in SA3 a trade-off would be needed in this case if SA3 couldn’t get to the full security solution and let another group decide. Huawei commented that there seemed to be two sides on this issue: vendors (who saw a huge impact with little gain) and the operators/ handset manufacturers. Ericsson: we never justified why we needed to protect all the parameters. Qualcomm: you can link all this to the IMSI. Docomo agreed with Qualcomm. Alf also wondered where the impact was happening exactly. Ericsson replied that SA2 needed to revise the flow and it was too late to do this stage 2 change now. Docomo: the impact or cost is in standard development then. The Chair commented that not sending LS would mean that what is in the TS would remain.He suggested to send an LS stating the disagreement in SA3 on the justification. Huawei agreed to send such LS and suggested to let SA plenary decide. It was agreed to create an LS to express the lack of consensus (S3-182632). Alex (BT) warned about the danger of the operators not being GDPR compliant. He also added that we are required by the regulators to support LI but as operators we cannot justify creating more "holes" than the ones that LI requires.LI "holes" are protected, but here we would have "holes" open to the public.
noted No    
S3‑182477 Moving the HASHAMF behaviour from subclause 6.7.2 to subclause 6.4.6 Qualcomm Incorporated CR Agreement
7.1.5NAS security
Yes
Yes
not pursued No    
S3‑182478 Concurrency issues with N2 and 5G to EPS handovers Qualcomm Incorporated CR Agreement
7.1.5NAS security
Yes
Yes
merged No S3‑182655  
S3‑182479 Correction to the concurrency rules for parallel NAS connections Qualcomm Incorporated CR Agreement
7.1.5NAS security
Yes
Yes
merged No S3‑182656  
S3‑182480 Adding to note about ABBA to Annex A.7 that was missed in implementation of CR 0155r2 Qualcomm Incorporated CR Agreement
7.1.5NAS security
Yes
Yes
not pursued No    
S3‑182481 Discussion on the response to the CT1 LS on provision of ngKSI to UE at EAP-Request/AKA'-Challenge Qualcomm Incorporated discussion Endorsement
7.1.8Primary authentication
Yes
Yes
noted No    
S3‑182482 Discussion on security context handling issues when the UE is multiple registered in the same PLMN Qualcomm Incorporated discussion Endorsement
7.1.5NAS security
Yes
YesThe LS to cT1 in tdoc 637 is based on this document.
noted No    
S3‑182483 Simplification of the UE handling of keys at handover Qualcomm Incorporated CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182590  
S3‑182484 discussion on RRC Inactive security Qualcomm Incorporated discussion Endorsement
7.1.4AS security
Yes
Yes
noted No    
S3‑182485 CR on RRC Inactive Qualcomm Incorporated CR Agreement
7.1.4AS security
Yes
YesHuawei: we cannot revert decisions and come back to something that RAN2 has decided. Adapt option A and forget about option B.
not pursued No    
S3‑182486 CR on reigstration procedure for mobility from 4G to 5G Qualcomm Incorporated CR Agreement
7.1.10Interworking
Yes
Yes
revised No S3‑182574  
S3‑182487 K_AMF change indication in NAS SMC Qualcomm Incorporated CR Agreement
7.1.5NAS security
Yes
YesNokia and Huawei agreed with Qualcomm.
revised No S3‑182638  
S3‑182488 UP policy check Qualcomm Incorporated CR Agreement
7.1.4AS security
Yes
Yes
revised No S3‑182644  
S3‑182489 CR on N2 based HO Qualcomm Incorporated CR Agreement
7.1.3Mobility
Yes
Yes
revised No S3‑182588  
S3‑182490 LS reply on security for E-UTRA connected to 5GC Qualcomm Incorporated LS out Approval
7.1.4AS security
Yes
Yes
merged No S3‑182538  
S3‑182491 CR on corrections on the 5GS to EPS handover procedure Qualcomm Incorporated CR Agreement
7.1.10Interworking
Yes
YesNTT-Docomo: is there any reason to specify 4 or 8 bytes? It's irrelevant from the security point of view. Ericsson: CT1 usually asks us about the size.
revised No S3‑182579  
S3‑182492 LS on NAS parameter for 5GS to EPS HO Qualcomm Incorporated LS out Approval
7.1.10Interworking
Yes
Yes
revised No S3‑182580  
S3‑182493 Handling of initial value of CounterSoR Qualcomm Incorporated CR Agreement
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
Yes
agreed No    
S3‑182494 Agenda and notes of 27th June conference call on remaining Rel-15 SBA work Qualcomm Incorporated report Information
7.1.13.2Other
Yes
Yes
noted No    
S3‑182495 Assigning FC value to TS 33.122 Samsung CR  
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑182623  
S3‑182496 Key Issue on PARLOS Security Motorola Mobility, Lenovo pCR Approval
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
Yes
Yes
not treated No    
S3‑182497 Key Issue on Registration and NAS transport for trusted non-3GPP access Motorola Mobility, Lenovo pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182498 Key Issue on Access to 5GC from UEs that do not support NAS Motorola Mobility, Lenovo pCR Approval
8.7Study on the security of the Wireless and Wireline Convergence for the 5G system architecture (FS_5WWC_SEC) (Rel-16)
Yes
Yes
not treated No    
S3‑182499 [Draft] Reply LS on connection re-establishment security Samsung LS out  
7.1.4AS security
Yes
YesZTE: RAN2's proposal will cause an signalling overload. LTE's mechanisms could be reused here.
noted No    
S3‑182500 Update on InactiveMAC-I calculation Samsung CR  
7.1.4AS security
Yes
YesEricsson: this has been here since LTE, so if we want to remove we need to prove that there is a problem. We need a proper justification. Huawei wanted this change enhanced. Nokia: we can address the scenarios in the next meeting. Huawei proposed to bring a discussion paper about this. Ericsson asked to be minuted: calculation of soft resume MAC-I and resume constant input needs to be revisited. It was agreed to send an LS in 667 to CT1 as well.
agreed No    
S3‑182501 Mechanism to mitigate replay attack in RRC-Inactive state Samsung CR  
7.1.4AS security
Yes
YesIt was pointed out that the Issue was identified. Ericsson thought that this issue should be addressed but they didn’t agree with the solutions from Samsung and Huawei. They commented that they would bring a contribution for the next meeting. Huawei would also come back with their solution.
noted No    
S3‑182502 Discussion on Key Issues of FS_SBA_Sec Deutsche Telekom AG discussion Endorsement
8.1Study on Security Aspects of the 5G Service Based Architecture (FS_SBA-Sec) (Rel-15)
Yes
Yes
noted No    
S3‑182503 Introducing a new set of key issues to TR 33.855 Deutsche Telekom AG pCR Approval
8.1Study on Security Aspects of the 5G Service Based Architecture (FS_SBA-Sec) (Rel-15)
Yes
YesEricsson: this is not in scope of the study. Deutsche Telekom commented that the former living document had not enough content. ORANGE: is the intention to stop the Study now or we continue to add content in the next release? DT commented that they didn’t see realistic to finish the study in this meeting. MCC commented that if SA3 was going beyond the initial scope and objectives of the Study, they had to revise the Study. Ericsson: routing issues should be added. Vodafone didn’t want to see this closed; there were open issues and the study was still useful for Rel-16. The Rel-15 version of SBA was not robust enough to be implemented. ORANGE supported Vodafone. Ericsson queried whether the study was going to be with a Rel-15 scope or including enhancements for Rel-16. Nokia: there are a couple of open issues not closed in Rel-15. We don’t want to close it now. Vodafone: don’t send it for approval for the next Plenary. BT: what is more interesting is what goes to 33.501. No need to carry on with this TR, close it. Huawei: close the TR. ORANGE: approving this document will leave the study incomplete. Ericsson: the original commitment was to copy the living document into a TR, and save time, This is taking more time than planned. We should close now and open a new Study Item. Vodafone objected to closing the Study.DT preferred to keep it open too. ORANGE would also object to closing the study.
approved No    
S3‑182504 Skeleton for TS 33.513 Samsung draft TS  
7.2.3User Plane Function (UPF) (TS 33.513)
Yes
Yes
revised No S3‑182595  
S3‑182505 Scope for TS 33.513 SCAS UPF Samsung pCR  
7.2.3User Plane Function (UPF) (TS 33.513)
Yes
Yes
approved No    
S3‑182506 Clarification to the protection of attributes by the SEPP Deutsche Telekom AG CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182565  
S3‑182507 Clarifications to protection policies Deutsche Telekom AG CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182559  
S3‑182508 New key issue on Privacy of subscriber and application user LG Electronics pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
not treated No    
S3‑182509 New key issue on provisioning of CIoT devices LG Electronics pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
not treated No    
S3‑182510 New key issue on flexible security of CIoT devices LG Electronics pCR Approval
8.6Study on evolution of Cellular IoT security for the 5G System (FS_CIoT_sec_5G) (Rel-16)
Yes
Yes
withdrawn Yes    
S3‑182511 CR for 33.501 - Editorial correction of 6.9.3 LG Electronics CR Agreement
7.1.16Others
Yes
Yes
merged No S3‑182528  
S3‑182512 CR for 33.501 - Editorial correction of 6.7.2 LG Electronics CR Agreement
7.1.16Others
Yes
Yes
agreed No    
S3‑182513 Clause 6.12.2-Adding Routing Indicator in SUCI CATT, Ericsson , Vodafone, Huawei, NEC, China Mobile, Nokia, Nokia Shanghai Bell Labs, IDEMIA CR Agreement
7.1.14Privacy
Yes
Yes
merged No S3‑182535 S3‑182228
S3‑182514 Disucssion and clarification on SUCI parameters Huawei, Hisilicon discussion Agreement
7.1.14Privacy
Yes
Yes
noted No    
S3‑182515 LS on SUCI parameters clarification Huawei, Hisilicon LS out Approval
7.1.14Privacy
Yes
Yes
revised No S3‑182536  
S3‑182516 Supporting DTLS on gNB internal and external SCTP Interfaces Huawei, Hisilicon, Nokia discussion Endorsement
7.1.4AS security
Yes
Yes
not pursued No   S3‑182239
S3‑182517 Security requirements on the CAPIF-3e/4e/5e reference points China Telecommunications CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
No
Yes
withdrawn Yes    
S3‑182518 A scenario on secure communication for shared bikes Alibaba (China) Group., Ltd., China Mobile pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
noted No   S3‑182339
S3‑182519 Response to 3GPP SA2 liaison S2-183036 on ‘general status of work’ BBF LS in  
7.1.15Incoming and outgoing Lses
Yes
Yes
noted No    
S3‑182520 AKMA Architecture for Non-3GPP Credential Download Alibaba (China) Group., Ltd., China Mobile pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
noted No   S3‑182395
S3‑182521 Commenting contribution on JOSE based protection of HTTP messages over N32-f (S3-182257) Deutsche Telekom AG other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182522 Error handling for N32 Application Layer Security Nokia other Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesVodafone proposed to have the error handling optional. Ericsson: error handling being optional is stepping on CT4's (stage 3) territory.
revised No S3‑182564  
S3‑182523 Comments on S3-182209 Qualcomm Incorporated discussion  
7.1.5NAS security
Yes
Yes
noted No    
S3‑182524 WI Summary for 5G_Ph1-sec NTT DOCOMO INC. WI summary Endorsement
7.1.16Others
Yes
Yes
revised No S3‑182633  
S3‑182525 Update to WID 5G SCAS Nokia, Nokia Shanghai Bell, Huawei, HiSilicon, China Unicom, CATT, Deutsche Telekom, ZTE, Samsung, KPN, NEC, British Telecom, China Mobile, Ericsson WID revised Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
YesEricsson was concerned about the amount of resources spent on this work and whether this was used in GSMA and so on. The progress was slow on SCAS.
revised No S3‑182593 S3‑182332
S3‑182526 Discussion and pCR for identity key issue of AKMA China Mobile, DT, KPN, Alibaba (China) Group., Ltd. pCR  
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
noted No   S3‑182431
S3‑182527 Comment on: JOSE based protection of HTTP messages over N32-f (S3-182257) Ericsson-LG Co., LTD discussion Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑182528 Collection of editorial changes Nokia, Nokia Shanghai Bell,LG CR -
7.1.16Others
Yes
Yes
agreed No   S3‑182439
S3‑182529 Reply LS on BL/WLAN measurement collection in MDT Ericsson LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182358
S3‑182530 LS to GSMA on slicing Huawei, HiSilicon LS out Approval
6.4GSMA
Yes
Yes
approved No   S3‑182268
S3‑182531 Reply to:LS on new work item "X.5Gsec-q" Vodafone LS out approval
6.8TC-CYBER
Yes
Yes
approved No    
S3‑182532 Reply LS to LS on provision of ngKSI to UE at EAP-Request/AKA'-Challenge Huawei, Hisilicon LS out Approval
7.1.8Primary authentication
Yes
Yes
approved No   S3‑182448
S3‑182533 Clarification of ngKSI and ABBA parameter in 5G-AKA Intel Corporation (UK) Ltd CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182392
S3‑182534 Clarification for ngksi and ABBA parameter for EAP-AKA’ Intel Corporation (UK) Ltd,Huawei,Nokia, Nokia Shanghai Bell CR -
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182393
S3‑182535 Privacy – adding missing detials in SUCI content and format CATT, Ericsson , Vodafone, Huawei, NEC, China Mobile, Nokia, Nokia Shanghai Bell Labs, IDEMIA CR Agreement
7.1.14Privacy
Yes
Yes
agreed No   S3‑182374
S3‑182536 LS on SUCI parameters clarification Huawei, Hisilicon LS out Approval
7.1.14Privacy
Yes
Yes
approved No   S3‑182515
S3‑182537 Performance aspects for the new 256-bit algorithms CATT pCR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
YesThere were many concerns on this document so it had to be noted. Vodafone proposed a conference call for the following week to have documents like this as an input.
noted No   S3‑182251
S3‑182538 Reply LS on Security aspects of supporting LTE connected to 5GC Ericsson LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182361
S3‑182539 Reply LS on UE identity for PO calculation Ericsson LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182359
S3‑182540 Corrections to references related to handling of security contexts in mobility procedures Nokia, Nokia Shanghai Bell,ZTE CR -
7.1.6Security context
Yes
Yes
agreed No   S3‑182442
S3‑182541 Reply LS on RRC Re-establishment security Huawei, Hisilicon LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182241
S3‑182542 Reply LS on security requirements for RRC connection release Huawei, Hisilicon, China Mobile LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182243
S3‑182543 [MCSec] 33180 R14. Examples of MC service ID shall be URI Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No   S3‑182107
S3‑182544 [MCSec] 33180 R15. Examples of MC service ID shall be URI Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No   S3‑182108
S3‑182545 [MCPTT 33180 R14. Clarification for MIKEY-SAKKE values Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No   S3‑182110
S3‑182546 [MCSec] 33180 R15. Clarification for MIKEY-SAKKE values Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No   S3‑182111
S3‑182547 Reply LS to S3-182150 security handling when deploying UDSF Nokia,Nokia Shanghai Bell LS out -
7.1.15Incoming and outgoing Lses
Yes
YesThere was no consensus on this LS, and given that SA2 would not meet before the next SA3 meetng, this was noted.
noted No   S3‑182215
S3‑182548 CR to Clause 6.9.3 Removal of KSEAF storage restriction Nokia, Verizon, TMO-USA,Nokia Shanghai Bell CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182201
S3‑182549 CR for Addition of security requirements for external storage Nokia, Nokia Shanghai bell, Verizon, TMO-USA CR -
7.1.3Mobility
Yes
Yes
postponed No   S3‑182202
S3‑182550 N32 solution details Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
agreed No   S3‑182272
S3‑182551 N32 terminology and restructuring Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182387
S3‑182552 N32-f context Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182341
S3‑182553 N32 session key derivation and key hierarchy Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182550 S3‑182380
S3‑182554 TLS export Ericsson other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182386
S3‑182555 pCR to DraftCR - Protection Policies Deutsche Telekom other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182552 S3‑182321
S3‑182556 [MCPTT] 33179 R13. Examples of MC service ID shall be URI Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182557 [MCPTT] 331179 R13. Clarification for MIKEY-SAKKE values Airbus DS SLC CR -
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No    
S3‑182558 Revision of the modification policy in draft CR S3-181937 China Mobile other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182433
S3‑182559 Clarifications to protection policies Deutsche Telekom AG CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182507
S3‑182560 JOSE based protection of messages over N32-f Nokia, NCSC,Nokia Shanghai Bell other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182673 S3‑182257
S3‑182561 On the need for error signalling in inter-PLMN communication Deutsche Telekom AG discussion Endorsement
7.1.13.1Interconnect (SEPP related)
Yes
Yes
endorsed No   S3‑182413
S3‑182562 LS on N32 error signalling Deutsche Telekom LS out Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
approved No    
S3‑182563 Error handling for SBA authentication and authorization in service layer China Mobile CR -
7.1.13.1Interconnect (SEPP related)
Yes
Yes
agreed No   S3‑182447
S3‑182564 Error handling for N32 Application Layer Security Nokia other Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
merged No S3‑182550 S3‑182522
S3‑182565 Clarification to the protection of attributes by the SEPP Deutsche Telekom AG CR Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
agreed No   S3‑182506
S3‑182566 CR to remove Editor’s Note on additional claims in the access token Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182318
S3‑182567 CR to remove Editor’s Note on additional parameters that may be required in step 1 of Figure 13.4.1.1-2 Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182319
S3‑182568 Removal of token validation by NRF Ericsson,Nokia CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182383
S3‑182569 Clarification on authentication and authorization in SBA Huawei, Hisilicon,Ericsson, Nokia CR Approval
7.1.13.2Other
Yes
Yes
agreed No   S3‑182452
S3‑182570 Clarifications and editorials to clause 13.1 (Transport security for service based interfaces) Ericsson CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182465
S3‑182571 Privacy - addressing ENs Ericsson CR Agreement
7.1.14Privacy
Yes
Yes
agreed No   S3‑182375
S3‑182572 LS Reply on Control Plane Solution for Steering of Roaming in 5GS GSMA LS in discussion
7.4.14PLMN RAT selection (Steering of Roaming) (Rel-15)
Yes
YesPostponed until receiving some guidance from plenary.
postponed No    
S3‑182573 Clarification to key hierarchy Nokia, Nokia Shanghai Bell CR -
7.1.1Key hierarchy
Yes
Yes
agreed No   S3‑182437
S3‑182574 CR on reigstration procedure for mobility from 4G to 5G Qualcomm Incorporated CR Agreement
7.1.10Interworking
Yes
Yes
agreed No   S3‑182486
S3‑182575 Clarifications related to the NAS Container calculation during inter system handover Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
agreed No   S3‑182401
S3‑182576 Removal of editor’s note on harmonization between inter and intra system handovers Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
agreed No   S3‑182400
S3‑182577 A scenario on secure communication for shared bikes Alibaba (China) Group., Ltd., China Mobile pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
withdrawn Yes    
S3‑182578 AKMA Architecture for Non-3GPP Credential Download Alibaba (China) Group., Ltd., China Mobile pCR Approval
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
withdrawn Yes    
S3‑182579 CR on corrections on the 5GS to EPS handover procedure Qualcomm Incorporated CR Agreement
7.1.10Interworking
Yes
Yes
agreed No   S3‑182491
S3‑182580 LS on NAS parameter for 5GS to EPS HO Qualcomm Incorporated LS out Approval
7.1.10Interworking
Yes
Yes
approved No   S3‑182492
S3‑182581 Corrections and clarifications to interworking clauses Ericsson CR Agreement
7.1.10Interworking
Yes
Yes
agreed No   S3‑182399
S3‑182582 Addition of definitions and corrections to references Nokia, Nokia Shanghai Bell CR -
7.1.16Others
Yes
YesNokia pointed out that the corrected definition on “authentication data” in this CR points to a related topic that needs to be addressed. CT4 29.505 and SA3 33.501 have a different meaning of “authentication data” related to UDM/UDR. Also Nudr service details related to security are missing. It was asked how to solve this and which group is responsible? Nokia encouraged to discuss the details offline and offered to take the lead. Nokia aso stated that the background was available in an email sent to the SA3 reflector.
agreed No   S3‑182441
S3‑182583 CR to clarify username in Annex C Nokia,Nokia Shanghai Bell CR Approval
7.1.2Key derivation
Yes
Yes
agreed No   S3‑182199
S3‑182584 Clause 6.7.3.2 - Modification on algorithm selection during N2 handover ZTE Corporation CR Approval
7.1.3Mobility
Yes
Yes
agreed No   S3‑182181
S3‑182585 Clause 6.9.2 - Modification on security handling during handover ZTE Corporation,Ericsson CR Approval
7.1.3Mobility
Yes
Yes
agreed No   S3‑182184
S3‑182586 Mobility – Rectification of NAS MAC calculation for NAS Container Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182368
S3‑182587 Mobility – Rectification of how DL NAS COUNT is transferred in NAS Container Ericsson CR Agreement
7.1.3Mobility
No
Yes
withdrawn Yes    
S3‑182588 CR on N2 based HO Qualcomm Incorporated CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182489
S3‑182589 Update on SEAF requirements Nokia, Nokia Shanghai Bell CR -
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182440
S3‑182590 Simplification of the UE handling of keys at handover Qualcomm Incorporated CR Agreement
7.1.4AS security
Yes
Yes
agreed No   S3‑182483
S3‑182591 Mobility – Resolving EN and corrections in AS re-keying Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182366
S3‑182592 Draft TS 33.511 Huawei draft TS Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
Yes
approved No    
S3‑182593 Update to WID 5G SCAS Nokia, Nokia Shanghai Bell, Huawei, HiSilicon, China Unicom, CATT, Deutsche Telekom, ZTE, Samsung, KPN, NEC, British Telecom, China Mobile, Ericsson WID revised Approval
7.2.1NR Node B (gNB) (TS 33.511)
Yes
Yes
agreed No   S3‑182525
S3‑182594 Document Skeleton for TS 33.512, based on TS 33.116 Deutsche Telekom AG draft TS Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
approved No   S3‑182331
S3‑182595 Skeleton for TS 33.513 Samsung draft TS -
7.2.3User Plane Function (UPF) (TS 33.513)
Yes
Yes
approved No   S3‑182504
S3‑182596 Draft TS 33.513 Samsung draft TS Approval
7.2.3User Plane Function (UPF) (TS 33.513)
Yes
Yes
approved No    
S3‑182597 Draft TS 33.514 NEC draft TS Approval
7.2.4Unified Data Management (UDM) (TS 33.514)
Yes
Yes
approved No    
S3‑182598 Skeleton for TS 33.514 SCAS UDM NEC Corporation pCR Approval
7.2.4Unified Data Management (UDM) (TS 33.514)
Yes
YesClause 4 is gone.
approved No   S3‑182420
S3‑182599 skeleton of TS 33515 Huawei, Hisilicon draft TS Approval
7.2.5Session Management Function (SMF) (TS 33.515)
Yes
Yes
approved No   S3‑182306
S3‑182600 Draft TS 33.515 Huawei draft TS Approval
7.2.5Session Management Function (SMF) (TS 33.515)
Yes
Yes
approved No    
S3‑182601 [MCPTT] 33180 R15 Fix XML schema Motorola Solutions UK Ltd. CR Agreement
7.4.8Mission Critical (MCPTT, MCSec, eMCSec, MONASTERY_SEC)
Yes
Yes
agreed No   S3‑182222
S3‑182602 Alignment of terminology in RRCConnctionReestablsihment Procedure in R14 Huawei, Hisilicon CR Approval
7.4.1SAE/LTE Security
Yes
Yes
agreed No   S3‑182298
S3‑182603 Alignment of terminology in RRCConnctionReestablsihment Procedure in R15 Huawei, Hisilicon CR Approval
7.4.1SAE/LTE Security
Yes
Yes
agreed No   S3‑182299
S3‑182604 LTE EDT - Updates in suspend/resume Ericsson CR Agreement
7.4.1SAE/LTE Security
Yes
Yes
agreed No   S3‑182349
S3‑182605 LS on security aspects of EDT Ericsson LS out Approval
7.4.1SAE/LTE Security
Yes
Yes
approved No    
S3‑182606 Update NDS/IP scope with application layer crypto profiles Juniper Networks CR -
7.4.3Network Domain Security (NDS)
Yes
Yes
agreed No   S3‑182167
S3‑182607 Update NDS/IP scope with application layer crypto profiles Juniper Networks CR -
7.4.3Network Domain Security (NDS)
No
Yes
withdrawn Yes    
S3‑182608 Clarify NDS/AF intro regarding crypto profiles Juniper Networks CR -
7.4.3Network Domain Security (NDS)
Yes
Yes
agreed No   S3‑182169
S3‑182609 Clarify NDS/AF intro regarding crypto profiles Juniper Networks CR -
7.4.3Network Domain Security (NDS)
No
Yes
withdrawn Yes    
S3‑182610 Modifications on Security procedures for API invoker onboarding Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182276
S3‑182611 EDCE5 security requirements and corresponding test cases for MeNB Huawei, Hisilicon CR Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
No
Yes
withdrawn Yes    
S3‑182612 Clarifications in TS 33117 Huawei, Hisilicon CR Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
agreed No   S3‑182316
S3‑182613 Generic description of security elements Nokia, Nokia Shanghai Bell CR -
7.1.16Others
Yes
Yes
agreed No   S3‑182436
S3‑182614 Clarifications on the calculation of NAS-MAC for RRCConnection re-establishmentwith Control Plane CIoT optimisations (Rel-14) Qualcomm Incorporated CR Agreement
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
agreed No   S3‑182473
S3‑182615 Clarifications on the calculation of NAS-MAC for RRCConnection re-establishmentwith Control Plane CIoT optimisations (Rel-15) Qualcomm Incorporated CR Agreement
7.4.10Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
agreed No   S3‑182474
S3‑182616 LS on using same counters in EDCE5 Ericsson LS out Approval
7.4.11EPC enhancements to support 5G New Radio via Dual Connectivity (EDCE5)
Yes
Yes
approved No    
S3‑182617 Reply to: LS on CAPIF4xMB Samsung LS out approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesAnswering the question on authentication and authorization.
approved No    
S3‑182618 Security requirements for API invoker onboarding and offboarding Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182275
S3‑182619 Clarification on Security protections in CAPIF-1 and CAPIF-2 reference point Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182277
S3‑182620 [CAPIF_Sec] 33122 R15 access token profile Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182216
S3‑182621 Clarification on access token verification Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182278
S3‑182622 [CAPIF-Sec] 33122 correct note in clause 6.5.2.1 Motorola Solutions UK Ltd. CR Agreement
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182218
S3‑182623 FC value in TS 33.220 Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182280
S3‑182624 Adding FC value to TS 33.122 Huawei, Hisilicon CR Approval
7.4.13Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182281
S3‑182625 Study of KDF negotiation for 5G System Security Huawei, Hisilicon, SID new Approval
8.10New study item proposals
Yes
YesORANGE: overlapping with our study in LTE-CUP. AT&T supported this SID. Qualcomm: RAN related stuff should go to a different SID. A single SID with a long list of objectives woud be too much and this is the way other 3GPP WGs are working this way. ORANGE supported this.
agreed No   S3‑182244
S3‑182626 Adding BEST Support for non-IP PDN Connections that Terminate at the SCEF Convida Wireless, InterDigital, Inc. CR Approval
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182119
S3‑182627 CR to TS 33.163 (BEST) - correction of Tag values Vodafone Espańa SA CR Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑182456
S3‑182628 Discussion and pCR for identity key issue of AKMA China Mobile, DT, KPN, Alibaba (China) Group., Ltd. pCR -
8.5Study on authentication and key management for applications based on 3GPP credential in 5G IoT (FS_AKMA)(Rel-16)
Yes
Yes
withdrawn Yes    
S3‑182629 Reply to: LS OUT on OAuth 2.0 Ericsson LS out approval
7.1.15Incoming and outgoing Lses
Yes
Yes
approved No    
S3‑182630 Reply to: LS OUT on TLS and inter PLMN routing NTT-Docomo LS out approval
7.1.15Incoming and outgoing Lses
Yes
Yes
approved No    
S3‑182631 EPC solution for RLOS access Intel Corporation (UK) Ltd pCR -
8.8Study on Security Aspects of PARLOS (FS_PARLOS_Sec) (Rel-16)
No
Yes
withdrawn Yes    
S3‑182632 Reply to: LS on initial NAS message protection NTT-Docomo LS out approval
7.1.15Incoming and outgoing Lses
Yes
Yes
approved No    
S3‑182633 WI Summary for 5G_Ph1-sec NTT DOCOMO INC. WI summary Endorsement
7.1.16Others
Yes
Yes
endorsed No   S3‑182524
S3‑182634 Study on 5G security enhancement against false base stations Apple Computer Trading Co. Ltd SID new Approval
8.10New study item proposals
Yes
Yes
revised No S3‑182704 S3‑182249
S3‑182635 Clause 5.2.5 - Modification on subscriber privacy ZTE Corporation CR Approval
7.1.14Privacy
Yes
Yes
agreed No   S3‑182171
S3‑182636 Mobility – Corrections for usage of local policy at AMF Ericsson,ZTE,Nokia CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182367
S3‑182637 LS on security issues on Multi NAS scenarios Qualcomm LS out Approval
7.1.5NAS security
Yes
Yes
approved No    
S3‑182638 K_AMF change indication in NAS SMC Qualcomm Incorporated,Ericsson CR Agreement
7.1.5NAS security
Yes
Yes
agreed No   S3‑182487
S3‑182639 Use the old KRRCint for calculation of the security token in MSG3 Ericsson CR Agreement
7.1.4AS security
Yes
Yes
agreed No   S3‑182377
S3‑182640 Reply LS on inactive security Ericsson LS out Approval
7.1.4AS security
Yes
Yes
approved No   S3‑182354
S3‑182641 CR to add a missing step to discover an NF producer instance during Access Token Request Nokia,Nokia Shanghai Bell,Ericsson,Huawei CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182273
S3‑182642 CR to add Access Token Request procedure for a specific NF service producer Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
Yes
Yes
agreed No   S3‑182274
S3‑182643 CR on mandatory ciphering of access tokens by NRF in inter-PLMN scenarios Nokia,Nokia Shanghai Bell CR Agreement
7.1.13.2Other
No
Yes
withdrawn Yes    
S3‑182644 UP policy check Qualcomm Incorporated,ZTE,CATT CR Agreement
7.1.4AS security
Yes
Yes
agreed No   S3‑182488
S3‑182645 Clause 6.6.2 - Modification on UP security activation mechanism ZTE Corporation CR Approval
7.1.4AS security
Yes
Yes
agreed No   S3‑182180
S3‑182646 Algorithm Negotiation for Unauthenticated UEs in LSM Huawei, HiSilicon, China Mobile.Ericsson CR Approval
7.1.4AS security
Yes
Yes
agreed No   S3‑182237
S3‑182647 Clarifications in TS 33117 Huawei, Hisilicon CR Approval
7.4.9Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
agreed No    
S3‑182648 DC - definition corrections Ericsson,CATT CR Agreement
7.1.4AS security
Yes
YesIncludes the definition part of tdoc 2231.
agreed No   S3‑182350
S3‑182649 Other Security Procedures for Dual Connectivity Huawei, HiSilicon,Ericsson,CATT CR Agreement
7.1.4AS security
Yes
Yes
agreed No   S3‑182260
S3‑182650 Align AS SMC procedure with SA2 and RAN3 Huawei, Hisilicon CR Approval
7.1.4AS security
Yes
Yes
agreed No   S3‑182301
S3‑182651 CR to delete ENs in clause 5.3 gNB Requirements Nokia, Nokia Shanghai Bell CR Approval
7.1.4AS security
Yes
Yes
agreed No   S3‑182205
S3‑182652 Update of definition of 5G AS security context for 3GPP access Ericsson CR Agreement
7.1.4AS security
Yes
Yes
agreed No   S3‑182376
S3‑182653 Define and clarify ABBA parameter Nokia, Nokia Shanghai Bell CR Approval
7.1.5NAS security
Yes
Yes
agreed No   S3‑182209
S3‑182654 Multiple NAS connections: taking a new security context into use on non-3GPP access Ericsson CR Agreement
7.1.5NAS security
Yes
Yes
agreed No   S3‑182411
S3‑182655 Clause 6.9.5.1 - Add rule for concurrent running of security procedures ZTE Corporation,Qualcomm CR Approval
7.1.5NAS security
Yes
Yes
agreed No   S3‑182193
S3‑182656 Clause 6.9.5.2 - Modify rule for concurrent running of security procedures ZTE Corporation,Ericsson,Qualcomm CR Approval
7.1.5NAS security
Yes
Yes
agreed No   S3‑182194
S3‑182657 Editorial corrections to TS 33.501 Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182279
S3‑182658 Corrections on primary authentication Huawei, Hisilicon CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182284
S3‑182659 Removal of Note 2a on Kausf use case restriction NEC Corporation CR Approval
7.1.8Primary authentication
Yes
Yes
agreed No   S3‑182417
S3‑182660 Clarification on Storage of SUPI at SEAF NEC Corporation CR Approval
7.1.8Primary authentication
No
Yes
withdrawn Yes    
S3‑182661 LS-out-to-SA2-on secondary re-authentication Huawei, HiSilicon LS out Approval
7.1.9Secondary authentication
Yes
Yes
approved No   S3‑182270
S3‑182662 Correction of Note on physical protection for NDS/IP use Ericsson CR Agreement
7.1.12NDS
Yes
Yes
agreed No   S3‑182403
S3‑182663 Protection of non SBA interfaces internal to 5G core. Deutsche Telecom AG CR -
7.1.12NDS
Yes
Yes
agreed No    
S3‑182664 Editorial changes to clause 9 Nokia, Nokia Shanghai Bell CR -
7.1.16Others
Yes
Yes
agreed No   S3‑182438
S3‑182665 SID on Enhanced network Slicing Nokia, Nokia Shanghai Bell,NEC, Huawei, HiSilicon,Motorola Mobility, Lenovo SID new Approval
8.10New study item proposals
Yes
Yes
agreed No   S3‑182212
S3‑182666 Mobility – Clarification in intra-gNB-CU handover Ericsson CR Agreement
7.1.3Mobility
Yes
Yes
agreed No   S3‑182363
S3‑182667 LS on calculation of inactive MAC-I token Samsung LS out Approval
7.1.4AS security
Yes
Yes
approved No    
S3‑182668 LS on inidication for keys syncronization ZTE LS out Approval
7.1.3Mobility
Yes
Yes
approved No    
S3‑182669 revised WID 5G Phase one security NTT-Docomo WID revised Agreement
7.1.16Others
Yes
Yes
agreed No    
S3‑182670 Adding OAuth related authorization services for SBA security Huawei, Hisilicon CR Approval
7.1.13.2Other
Yes
Yes
agreed No   S3‑182453
S3‑182671 New WID on security aspects of single radio voice continuity from 5G to 3G China Unicom, Huawei, HiSilicon, ZTE, CATT, OPPO WID new -
7.5New Work Item proposals
Yes
YesORANGE asked if the study was considered as finsihed and the TR sent for approval. BT proposed to send it for information, given that the spec was still missing the SA requirement. Huawei commented that the SA2 WID was to be finished in December. The Chair commented that SA3 usually finished a cycle later than SA2 and that there was no rush. This was a Rel-16 Work Item. Docomo: impact on 5G security needs to be clarified before we go for a WID. The Chair noted the WID and asked China Unicom to bring the WID back for the next meeting. The TR 33.856 was to be sent for information to SA.
noted No   S3‑182334
S3‑182672 Draft CR on Application layer security on the N32 interface Nokia draftCR Approval
7.1.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑182673  
S3‑182673 Draft CR on Application layer security on the N32 interface Nokia draftCR Approval
7.1.13.1Interconnect (SEPP related)
Yes
YesIt merges all content for the draft CR.
approved No   S3‑182672
S3‑182674 LS on Specification of the EAS-C/U interfaces for BEST InterDigital, Inc. LS out Agreement
7.4.15Battery Efficient Security for very low Throughput Machine Type Communication Devices (BEST_MTC_Sec) (Rel-15)
Yes
Yes
approved No   S3‑182120
S3‑182675 Support of 256-bit algorithms: references Gemalto N.V. pCR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
Yes
approved No   S3‑182468
S3‑182676 Draft TR 33.841 Vodafone draft TR Approval
8.3Study on Supporting 256-bit Algorithms for 5G (FS_256-Algorithms) (Rel-16)
Yes
Yes
approved No    
S3‑182677 Study on the supporting of perfect forward secrecy for 5G Authentication and Key Agreement Protocols Huawei SID new Agreement
8.10New study item proposals
No
Yes
withdrawn Yes    
S3‑182678 New SID on Security of the enhancement to the 5GC location services CATT SID new Agreement
8.10New study item proposals
Yes
Yes
agreed No   S3‑182250
S3‑182679 The SID on security for 5G URLLC Huawei, HiSilicon SID new Approval
8.10New study item proposals
Yes
Yes
agreed No   S3‑182265
S3‑182680 Clarification to support of authentication methods Nokia, Nokia Shanghai Bell CR -
7.1.8Primary authentication
Yes
YesORANGE didn’t support the added note. It's confusing and it's not adding anything. Nokia commented that they got questions from operators on how they had to choose. IDEMIA didn’t see the need for this note. Ericsson commented that this was just a note, no wrong technical issue here. Qualcomm: if we are having this confusion here, this needs to be clarified to the outside world.
not pursued No   S3‑182443
S3‑182681 New SID on SECAM and SCAS for 3GPP virtualized network products China Mobile, Nokia, Nokia Shanghai Bell, China Unicom, CAICT, CATT, ZTE SID new -
8.10New study item proposals
Yes
Yes
agreed No   S3‑182427
S3‑182682 Study on Security for 5GS Enhanced support of Vertical and LAN Services Nokia, Nokia Shanghai Bell SID new -
8.10New study item proposals
Yes
Yes
agreed No   S3‑182445
S3‑182683 TR 33.855 Deutsche Telekom draft TR Approval
8.1Study on Security Aspects of the 5G Service Based Architecture (FS_SBA-Sec) (Rel-15)
Yes
Yes
approved No    
S3‑182684 a proposal for the key issue on protecting the SRVCC capability of TR33.856 Huawei, Hisilicon pCR Approval
8.4Security aspects of single radio voice continuity from 5G to UTRAN (FS_5G_UTRAN_SEC) (Rel-16)
Yes
Yes
approved No   S3‑182289
S3‑182685 Draft TR 33.856 China Unicom draft TR Approval
8.