Tdoc List

2025-08-29 16:07

Agenda Topic TDoc Title Source Type For Avail Treated Decision Wdrn Replaced-by Replaces
1 Agenda and Meeting Objectives S3‑252500 Agenda SA WG3 Chair agenda   Yes
Yes
 		approved No    
    S3‑252502 Process for SA3#123 WG Chair other   Yes
Yes
 		noted No    
    S3‑252503 Detailed agenda planning SA WG3 Chair other   No
Yes
 		noted No    
2 Meeting Reports                      
2.1 Previous SA3 meeting report/s and SA report S3‑252501 Report from SA3#122 MCC report   Yes
Yes
 		approved No    
    S3‑252925 Report from last SA meeting SA WG3 Chair report Information Yes
Yes
 		revised No S3‑253065  
    S3‑253065 Report from last SA meeting SA WG3 Chair report Information Yes
Yes
 		noted No   S3‑252925
2.2 SA3-LI Report                      
3 Reports and Liaisons from other Groups S3‑252505 LS on UE parameters update header security C1-253719 LS in   Yes
YesTdoc 924 is a CR related to this issue.
 		postponed No    
    S3‑252506 Reply LS on Security related protocol-specific parameters for N6 delay measurement C3-252543 LS in   Yes
Yes
 		postponed No    
    S3‑252528 LS on Security related protocol-specific parameters for N6 delay measurement Nokia, Nokia Shanghai Bell LS out   Yes
YesEricsson: this is out of scope of 3GPP. Huawei agreed with this.
 		revised No S3‑252927  
    S3‑252927 LS on Security related protocol-specific parameters for N6 delay measurement Nokia, Nokia Shanghai Bell LS out - Yes
Yes
 		noted No   S3‑252528
    S3‑252508 Reply LS on paging ID length C4-252466 LS in   Yes
YesORANGE: they are still taking about the PLMNID and they don’t seem to be aware of the LS from SA plenary.
 		replied to No    
    S3‑252518 Reply LS on paging ID length S2-2505793 LS in   Yes
Yes
 		replied to No    
    S3‑252594 Reply LS on paging ID length OPPO LS out Approval Yes
Yes
 		merged No S3‑252933  
    S3‑252510 O-RAN ALLIANCE - 3GPP collaboration on PQC O-RAN-WG11 LS in   Yes
Yes
 		replied to No    
    S3‑252628 Reply LS to O-RAN ALLIANCE on PQC Huawei, HiSilicon LS out Approval Yes
YesEricsson didn’t find it practical to have a joint meeting with O-RAN.
 		revised No S3‑252928  
    S3‑252928 Reply LS to O-RAN ALLIANCE on PQC Huawei, HiSilicon LS out Approval Yes
Yes
 		approved No   S3‑252628
    S3‑252513 Reply LS on security verification related to NR Femto nodes R3-254031 LS in   Yes
Yes
 		replied to No    
    S3‑252602 Alignment of CAG verification ZTE CR Agreement Yes
Yes
 		merged No S3‑252929  
    S3‑252644 Updates to address comments from RAN in LS R3-254031. Nokia CR Agreement Yes
Yes
 		merged No S3‑252929  
    S3‑252678 Changes based on RAN3 input Huawei, HiSilicon CR Approval Yes
Yes
 		revised No S3‑252929  
    S3‑252929 Changes based on RAN3 input Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No   S3‑252678
    S3‑252601 Reply LS on security verification related to NR Femto nodes ZTE Corporation LS out Approval Yes
Yes
 		merged No S3‑252930  
    S3‑252647 Reply LS to Reply LS on security verification related to NR Femto nodes Nokia LS out Agreement Yes
Yes
 		merged No S3‑252930  
    S3‑252677 Draft Reply LS on security verification related to NR Femto nodes Huawei, HiSilicon LS out Approval Yes
Yes
 		revised No S3‑252930  
    S3‑252930 Reply LS on security verification related to NR Femto nodes Huawei, HiSilicon LS out Approval Yes
Yes
 		approved No   S3‑252677
    S3‑252523 LS to 3GPP about the external data channel content access requirements GSMA LS in   Yes
Yes
 		replied to No    
    S3‑252767 Reply LS to The External Data Channel Content Access Huawei, HiSilicon LS out Approval Yes
Yes
 		revised No S3‑252931  
    S3‑252931 Reply LS to The External Data Channel Content Access Huawei, HiSilicon LS out Approval Yes
Yes
 		approved No   S3‑252767
    S3‑252849 Reply GSMA LS about the external data channel content access requirements Apple LS out   Yes
Yes
 		merged No S3‑252931  
    S3‑252527 LS to SA WG3: Completion of SA3-LI Cryptographic Inventory s3i250445 LS in   Yes
YesHuawei: the SA3 guidelines on crypto inventory are in a TR, but this is making changes on a normative specification. Alex (SA3-LI Chair): this CR was already agreed by SA3 by email. I'm ok if SA3 wants to make a CR to their specifications to align. Huawei agreed that a CR would be good.
 		noted No    
    S3‑252539 LS from GSMA NRG to 3GPP SA3 on further refinements of PRINS GSMA LS in   Yes
YesCableLabs had CRs and a mini WID related.
 		replied to No    
    S3‑252591 Reply LS on further refinements of PRINS CableLabs LS out Approval Yes
Yes
 		revised No S3‑253063  
    S3‑253063 Reply LS on further refinements of PRINS CableLabs LS out Approval Yes
Yes
 		approved No   S3‑252591
    S3‑252540 LS reply on authorization and authentication in Avatar communication S4-251564 LS in   Yes
Yes
 		noted No    
    S3‑252511 Reply LS on D2R message size for inventory response R3-253940 LS in   Yes
Yes
 		noted No    
    S3‑252512 Reply LS on signalling feasibility of dataset and parameter sharing R3-253961 LS in   Yes
Yes
 		noted No    
    S3‑252516 Reply LS on stage 1 requirements for the support for PWS over satellite NGRAN in Rel-17 S2-2505538 LS in   Yes
Yes
 		noted No    
    S3‑252517 Reply LS on AI/ML UE sided data collection S2-2505713 LS in   Yes
Yes
 		noted No    
    S3‑252519 LS on Discreet listening S6-252529 LS in   Yes
Yes
 		noted No    
    S3‑252521 Reply LS on OSAppID usage by AppToken use case SP-250782 LS in   Yes
Yes
 		noted No    
    S3‑252543 LS on consent of draft new Recommendation ITU-T Y.3165 (ex Y.CCO-req) “Requirements of orchestration supporting confidential computing for network slices in IMT-2020 networks and beyond” ITU-T LS in   Yes
Yes
 		noted No    
    S3‑252545 5G-Enabled Timber Manufacturing: Advancing Standards for Digital Traceability, Localization, and Circular Economy Integration 5G-TIMBER Project Consortium LS in   Yes
Yes
 		noted No    
    S3‑252514 LS Response to SA3-LI on RCS lawful intercept requirements (s3i250083) GSMA LS in   Yes
Yes
 		noted No    
    S3‑252524 LS to SA WG1: Identifying a Roamed-In User’s Permanent Subscription Identity by the VPLMN s3i250440 LS in   Yes
Yes
 		noted No    
    S3‑252525 LS to SA WG1: Including a reference to TS 33.126 in TR 22.870 s3i250441 LS in   Yes
Yes
 		noted No    
    S3‑252526 LS to SA WG1: Fixed Wireless Access Stage 1 requirements needed for LI support s3i250442 LS in   Yes
Yes
 		noted No    
    S3‑252536 ProducerSnssaiList conditions and content Nokia CR   Yes
Yes
 		withdrawn Yes    
4 Rel-19 and Maintenance (pre-Rel-19)                      
4.1 Work Items                      
4.1.1 Security Aspects of Ambient IoT Services in 5G S3‑252726 Resolution of EN’s concerning AIOT authentication and command protection. Nokia pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252655 update to authentication procedure Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252848 Authentication Procedure for Inventory Only OPPO pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252558 Solution update on Authentication vivo pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252611 Update the clause 5.2 Authentication procedure ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252827 Pseudo-CR on Addressing EN in AIoT Authentication Procedure Ericsson pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252806 Addressing Editor’s Notes in the authentication procedure Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252807 AIoT specific key bootstrapping procedure Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252836 Discussion on general procedure of inventory and command CATT discussion Endorsement Yes
Yes
 		merged No S3‑252942  
    S3‑252837 pCR to TS33.369 Update authentication procedure CATT pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252852 AIoT TS - Addressing EN on RES generation in Authentication procedure Apple pCR   Yes
Yes
 		merged No S3‑252942  
    S3‑252853 AIoT TS - Addressing EN on Authentication anchor in Authentication procedure Apple pCR   Yes
Yes
 		merged No S3‑252942  
    S3‑252863 Addressing ENs in AIoT authentication procedure Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		noted No    
    S3‑252942 Addressing ENs in AIoT authentication procedure Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		approved No   S3‑252863
    S3‑252865 Clarification on the security for group inventory Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252847 Authentication Procedure for Command OPPO pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252754 Authentication during command procedure Samsung pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252812 Adding a description of mutual authentication Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252942  
    S3‑252656 update to the information protection procedure Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		revised No S3‑252943  
    S3‑252943 update to the information protection procedure Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		approved No   S3‑252656
    S3‑252559 Solution update on command protection vivo pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252612 Update the clause 5.3.3 Input parameters to integrity algorithm ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252727 Resolution of EN concerning fixed length ciphertext. Nokia pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252741 Update clause 5.3 in TS 33.369 OPPO pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252755 Resolving EN on KAIOTF key Samsung pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252811 Updates on the command protection Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252838 pCR to TS33.369 Update communication procedure CATT pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252866 Addressing ENs of replay attack Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		merged No S3‑252943  
    S3‑252560 Solution update on Privacy in individual and group inventory vivo pCR Approval Yes
Yes
 		merged No S3‑252944  
    S3‑252571 Protection of AIoT device identifier privacy during group inventory Sony, Lenovo pCR Approval Yes
Yes
 		merged No S3‑252944  
    S3‑252595 Resolve ENs in Option for Group Inventory Procedure based on filtering OPPO other Approval Yes
Yes
 		merged No S3‑252944  
    S3‑252605 resolving ENs for group inventory ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252944  
    S3‑252809 Privacy protection of device ID in group inventory Qualcomm Incorporated pCR Approval Yes
Yes
 		revised No S3‑252944  
    S3‑252944 Privacy protection of device ID in group inventory Qualcomm Incorporated pCR Approval Yes
Yes
 		approved No   S3‑252809
    S3‑252843 pCR to TS33.369 Group inventory procedure CATT pCR Approval Yes
Yes
 		merged No S3‑252944  
    S3‑252572 Protection of AIoT device identifier privacy during Individual inventory Sony pCR Approval Yes
Yes
 		revised No S3‑252946  
    S3‑252946 Protection of AIoT device identifier privacy during Individual inventory Sony pCR Approval Yes
YesShow of hands requested: Hybrid solution? Supports --> Lenovo, Sony, ORANGE, T-Mobile, NTT-Docomo, ZTE, Samsung, KPN, Thales, Nokia, IDC, Lenovo. Doesn’t support --> Huawei, Qualcomm, OPPO, CATT, Ericsson 946 is noted.
 		noted No   S3‑252572
    S3‑252596 Resolve ENs in Option A Individual Inventory Procedure OPPO other Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252597 Resolve ENs in Option B.2 Individual Inventory + Command Procedure OPPO other Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252606 resolving ENs for individual inventory option A ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252808 Privacy protection of device ID in individual inventory Qualcomm Incorporated pCR Approval Yes
Yes
 		revised No S3‑252945  
    S3‑252945 Privacy protection of device ID in individual inventory Sony pCR Approval Yes
Yes
 		approved No   S3‑252808
    S3‑252845 pCR to TS33.369 Privacy protection for individual inventory procedure CATT pCR Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252904 Note for guidance for the individual inventory procedure Lenovo pCR Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252603 Discussion on where to calculate a temp ID ZTE Corporation pCR Discussion Yes
Yes
 		noted No    
    S3‑252604 resolving EN on network assigned ID ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252945  
    S3‑252731 Resolving Outstanding Issues for Privacy of AIoT vivo discussion Decision Yes
Yes
 		noted No    
    S3‑252756 Structure of the Temporary ID Samsung pCR Approval Yes
Yes
 		noted No    
    S3‑252779 Reply LS on paging ID length CATT LS out Approval Yes
Yes
 		revised No S3‑252933  
    S3‑252933 Reply LS on paging ID length CATT LS out Approval Yes
Yes
 		approved No   S3‑252779
    S3‑252561 Reply LS on S3-252518 vivo LS out Approval Yes
Yes
 		merged No S3‑252933  
    S3‑252828 Issues related to paging all devices, and concurrent paging procedures Ericsson discussion Endorsement Yes
Yes
 		noted No    
    S3‑252829 LS on Issues related to paging all devices, and concurrent paging procedures Ericsson LS out Approval Yes
Yes
 		noted No    
    S3‑252613 Update the scope ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252934  
    S3‑252717 Credential storage and processing of credentials ORANGE, Thales pCR Approval Yes
Yes
 		merged No S3‑252934  
    S3‑252728 Correction of TS to reflect the guidance from SA plenary regarding credential storage and processing Nokia pCR Approval Yes
YesDiscussion over whether the TR was ready for approval. ORANGE didn’t find it ready yet. Once this document was approved, it was agreed to send the TR for approval.
 		revised No S3‑253059  
    S3‑253059 Correction of TS to reflect the guidance from SA plenary regarding credential storage and processing Nokia pCR Approval Yes
Yes
 		approved No   S3‑252728
    S3‑252753 Resolving EN on credential storage Samsung pCR Approval Yes
Yes
 		merged No S3‑252934  
    S3‑252805 Updates on storage and processing of credentials requirements on the device Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252934  
    S3‑252846 pCR on alignment with SA plenary guidance in SP-250582 NTT DOCOMO INC. pCR Approval Yes
Yes
 		revised No S3‑252934  
    S3‑252934 pCR on alignment with SA plenary guidance in SP-250582 NTT DOCOMO INC. pCR Approval Yes
Yes
 		approved No   S3‑252846
    S3‑252867 Update to AIOT security aspects based on SA guidance Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		merged No S3‑252934  
    S3‑252885 PCR-Update clause 4.1 of TS 33.369 China Mobile pCR Approval Yes
Yes
 		revised No S3‑253051  
    S3‑253051 PCR-Update clause 4.1 of TS 33.369 China Mobile pCR Approval Yes
Yes
 		approved No   S3‑252885
    S3‑252557 Key separation requirements on the AIoT device vivo pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252657 update to requirement on device Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		revised No S3‑252996  
    S3‑252996 update to requirement on device Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		approved No   S3‑252657
    S3‑252729 Resolution of EN’s concerning requirements for a random number generator. Nokia pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252792 pCR to TS33.369 Update Requirements related to authentication between device and network CATT pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252810 Updates on command protection in security requirements Qualcomm Incorporated pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252834 pCR to TS33.369 Update Requirements for command protection CATT pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252835 pCR to TS33.369 Update Requirements for identifier privacy CATT pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252840 pCR on device identifier privacy requirement NTT DOCOMO INC. pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252855 AIoT TS - Security Requirements for AIoT devices Apple pCR   Yes
Yes
 		merged No S3‑252996  
    S3‑252857 Update requirements on AIOT privacy OPPO pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252864 Update to the requirements related to the authentication Beijing Xiaomi Mobile Software pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252878 Security requirements to AIoT Device OPPO pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252886 PCR-Update clause 4.2.1.4  of TS 33.369 China Mobile pCR Approval Yes
Yes
 		merged No S3‑252996  
    S3‑252592 content to clause 4.2.2.1 requirement on authentication OPPO pCR Approval Yes
Yes
 		merged No S3‑252997  
    S3‑252608 Update the clause 4.2.2 Requirements on the AIOTF ZTE Corporation pCR Approval Yes
Yes
 		revised No S3‑252997  
    S3‑252997 Update the clause 4.2.2 Requirements on the AIOTF ZTE Corporation pCR Approval Yes
Yes
 		approved No   S3‑252608
    S3‑252658 update to requirement on AIOTF Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		merged No S3‑252997  
    S3‑252854 AIoT TS - Security Requirements for AIOTF Apple pCR   Yes
Yes
 		merged No S3‑252997  
    S3‑252887 PCR-Update clause 4.2.3 of TS 33.369 China Mobile pCR Approval Yes
Yes
 		revised No S3‑252998  
    S3‑252998 PCR-Update clause 4.2.3 of TS 33.369 China Mobile pCR Approval Yes
Yes
 		approved No   S3‑252887
    S3‑252609 Update the clause 4.2.3 Requirements on the ADM ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252998  
    S3‑252659 update to requirement on ADM Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		merged No S3‑252998  
    S3‑252844 Security requirements to AIOT ADM OPPO pCR Approval Yes
Yes
 		merged No S3‑252998  
    S3‑252856 AIoT TS - Security Requirements for ADM Apple pCR   Yes
Yes
 		merged No S3‑252998  
    S3‑252610 Update the clause 4.2.4 Security Requirements on the NG-RAN ZTE Corporation pCR Approval Yes
Yes
 		merged No S3‑252999  
    S3‑252660 update to requirement on NG-RAN Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		merged No S3‑252999  
    S3‑252880 Security requirements to AIoT NG RAN OPPO pCR Approval Yes
Yes
 		revised No S3‑252999  
    S3‑252999 Security requirements to AIoT NG RAN OPPO pCR Approval Yes
Yes
 		approved No   S3‑252880
    S3‑252888 PCR-Update clause 4.2.4 of TS 33.369 China Mobile pCR Approval Yes
Yes
 		merged No S3‑252999  
    S3‑252607 abbr and edtorial update to TS 33.369 ZTE Corporation pCR Approval Yes
Yes
 		not treated No    
    S3‑252661 New clause for security related services Huawei, HiSilicon, Lenovo pCR Approval Yes
Yes
 		not treated No    
    S3‑252909 Outstanding Issues in AIoT OPPO discussion Endorsement Yes
YesCMCC wanted to extend the scope to any kind of 5G private network. ORANGE,NTT-Docomo: private networks in 3GPP are NPN. The Chair proposed to make changes in the WID, TS and scope to reflect these changes. This was agreed. AUTHENTICATION FOR THE INVENTORY PROCEDURE There was a show of hands in the following options for authentication during the inventory procedure: Root key: Lenovo, CMCC, Sony,Apple, OPPO, Vivo,Xiaomi, Ericsson, Huawei, CATT, Nokia, Thales Intermediate key: NTT-Docomo, ZTE, Qualcomm, Phillips, KPN The Chair suggested going for the Root Key option, and adding that there will be a single root key per UE per security domain. On question 4: whether device generated RAND is needed during group inventory procedure. It was pointed out that there should be a distinction between individual inventory and group inventory. Show of hands for group inventory: Needed: CMCC, Phillips, Vivo, OPPO, Apple,Huawei, Nokia, Ericsson,Xiaomi, CATT,ZTE Not needed: Sony, ORANGE, Thales, Lenovo. On question 4: whether device generated RAND is needed for authentication during the inventory procedure. Individual inventory. Show of hands: In favour: Lenovo, Phillips, Vivo, NTT-Docomo, Apple, Xiaomi, ZTE, OPPO, Qualcomm, Huawei, CATT, Ericsson Against: ORANGE, Sony, Thales, CMCC. The Chair suggested to go for using the RAND. Qualcomm sustained their objection. On question 3: whether ADM or AIOTF performs RES comparison, the Chair proposed another show of hands. ADM performs RES comparison: Sony, Xiaomi, Lenovo, CATT, Apple, Qualcomm. AiOTF: CMCC, ORANGE, Vivo, OPPO, ZTE, Thales, Huawei, Ericsson, Nokia, Philips. The Chair suggested going for the AiOTF performign the RES comparisons. Question 2: RAND generated at the ADM or AiOTF. ADM: NTT-Docomo, Lenovo, CMCC, OPPO, Vivo, Apple, Qualcomm, ORANGE, Thales, Ericsson, Huawei, CATT. AiOTF: Sony, Xiaomi, ZTE. The Chair suggested that the ADM generated the RAND. AUTHENTICATION FOR THE COMMAND PROCEDURE ORANGE: these questions aren't security specific, these are designed to choose a solution so let's vote o nthe solutions. Question 2 show of hands: network authentication explicit or implicit? Explicit: OPPO Implicit: Sony, Huawei, Lenovo, Vivo, CMCC, CATT,Xiaomi, Samsung, Qualcomm, Ericsson. The Chair suggested to have the network authentication implicit.This was the way forward. Question 3: replay protection needed? SA3 assumes there is only one command. This was agreed. Multiple command: it becomes too complex. ID PROTECTION Xiaomi: we should ask whether ID protection is supported or not. Agreed questions beforehand: Privacy protection needed to be specified in Rel-19? Not needed --> Xiaomi, Huawei, ORANGE, OPPO Needed to be specified and mandatory? Lenovo, NTT-Docomo, Sony, Ericsson Needed and optional? ORANGE, CMCC, CATT,OPPO,Vivo, Samsung, ZTE, KPN, ORANGE, Thales, Huawei, Nokia. CATT, Qualcomm, Apple The Chair suggested to specify privacy protection in Rel-19 and optional. Question 1--> Root key used for verifying temp ID? Lenovo, OPPO, Huawei, Sony, Nokia, CATT, CMCC, Phillips, Ericsson, Vivo, Qualcomm Intermediate key? NTT-Docomo, ZTE, ORANGE The Chair suggested to go for the root key. This was approved as way forward. Question 2--> Huawei, Qualcomm commented that this wasn’t needed anymore. Question 3--> Addressing scenario of multiple fake paging requests?
 		noted No    
    S3‑252507 Reply LS on AIoT device identifier length C4-252465 LS in   Yes
Yes
 		noted No    
    S3‑252515 Reply to LS on power and energy consumption budget for security features in A-IoT RP-251886 LS in   Yes
YesORANGE: RAN2 making decisions about AS security? This is up to SA3.
 		noted No    
    S3‑252520 Reply LS on secure storage and processing of credentials for AIoT ETSI TC SET LS in   Yes
Yes
 		replied to No    
    S3‑252522 LS on AIoT device credentials storage SP-250852 LS in   Yes
Yes
 		noted No    
    S3‑252593 Resolve ENs on device security storage of credentials OPPO pCR Approval No
Yes
 		withdrawn Yes    
    S3‑252730 LS reply to LS on secure storage and processing of credentials for AIoT Nokia LS out Approval Yes
Yes
 		revised No S3‑252932  
    S3‑252932 LS reply to LS on secure storage and processing of credentials for AIoT Nokia LS out Approval Yes
Yes
 		approved No   S3‑252730
    S3‑252889 Update clause 4.2.2  of TS 33.369 China Mobile pCR Approval No
Yes
 		withdrawn Yes    
    S3‑252935 Revised WID AmbientIoT-SEC OPPO WID revised Agreement Yes
Yes
 		agreed No    
    S3‑252941 Draft TS 33.369 OPPO draft TS Approval No
Yes
 		email approval No    
    S3‑253047 Reply LS on security parameter in paging request message R2-2506465 LS in discussion Yes
Yes
 		noted No    
    S3‑253060 Cover sheet TS 33.369 OPPO TS or TR cover Approval Yes
Yes
 		approved No    
4.1.2 All other WIs (not listed above) S3‑252614 Update the description of the Femto architecture ZTE CR Agreement Yes
Yes
 		agreed No    
    S3‑252646 Figure 4.1.1 updates missing from CR S3-252011 Nokia CR Agreement Yes
Yes
 		agreed No    
    S3‑252688 Editorial change to clause 5.1 in TS 33544 Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No    
    S3‑252736 Remove duplicated descriptions about authorization in multi-hop relay China Telecom CR   Yes
YesIssues on the cover page.
 		revised No S3‑252969  
    S3‑252969 Remove duplicated descriptions about authorization in multi-hop relay China Telecom CR - Yes
Yes
 		agreed No   S3‑252736
    S3‑252839 Revision of two errors in TS 33.501 China Mobile Com. Corporation CR Approval Yes
Yes
 		agreed No    
    S3‑252842 Processing and storage capabilities on board satellites Thales CR Agreement Yes
YesT-Mobile: remove the "may" as it sounds normative.
 		revised No S3‑252936  
    S3‑252936 Processing and storage capabilities on board satellites Thales CR Agreement Yes
Yes
 		agreed No   S3‑252842
    S3‑252747 Correction of PKIHeader Ericsson CR Agreement Yes
Yes
 		agreed No    
    S3‑252749 Correction of PKIHeader Ericsson CR Agreement Yes
Yes
 		agreed No    
    S3‑252573 IANA registration information for ACME Google Korea LLC CR Approval Yes
Yes
 		revised No S3‑252937  
    S3‑252937 IANA registration information for ACME Google Korea LLC CR Approval Yes
Yes
 		agreed No   S3‑252573
    S3‑252662 Clarification on X.12 Huawei, HiSilicon CR Agreement Yes
Yes
 		revised No S3‑252938  
    S3‑252938 Clarification on X.12 Huawei, HiSilicon CR Agreement Yes
Yes
 		agreed No   S3‑252662
    S3‑252833 Supplement to TS 33.501: privacy-preserving sample alignment for VFL participants via NEF China Mobile Com. Corporation CR Approval Yes
YesEricsson disagreed: this maintenance CR is introducing a new solution for a study that was closed. Nokia supported this. Huawei: not a correction. ZTE,Vivo: not needed.
 		not pursued No    
    S3‑252535 Reference update Nokia CR   Yes
Yes
 		agreed No    
    S3‑252631 Removing EN in clause 6.5.3.4 of TS 33.122 Huawei, HiSilicon CR Agreement Yes
YesNokia didn’t agree with removing the Ens.
 		revised No S3‑252939  
    S3‑252939 Removing EN in clause 6.5.3.4 of TS 33.122 Huawei, HiSilicon CR Agreement Yes
Yes
 		agreed No   S3‑252631
    S3‑252782 Security of Open Discover Service APIs Procedure Ericsson CR Agreement Yes
YesHuawei: never discussed in the study, we need a WID for this. We finished the CAPIF WID already. Lenovo agreed that this wasn't studied at all. Xiaomi: move this to CAPIF phase 4.
 		not pursued No    
    S3‑252862 Resolve EN related to purpose of data processing Xiaomi, Nokia CR Agreement Yes
Yes
 		merged No S3‑252939  
    S3‑252876 Updating tables for token claims and access token request Ericsson CR Agreement Yes
YesNokia: I want to see alignment with CT3.
 		revised No S3‑252940  
    S3‑252940 Updating tables for token claims and access token request Ericsson CR Agreement Yes
Yes
 		agreed No   S3‑252876
    S3‑252877 Clarification on interaction with the resource owner Ericsson, AT&T CR Agreement Yes
YesHuawei disagreed with this change. Lenovo: this is not clarifying the issue. Nokia: if the update is needed, let's do it in phase 4.
 		not pursued No    
    S3‑252814 Mandating AEAD ciphersuites for TLS 1.2 Qualcomm Incorporated CR Agreement Yes
YesPhillips had issues with this and the following CRs on the subject. Ericsson also had issues and proposed to postpone to have more time to analyse it.
 		not pursued No    
    S3‑252815 Addressing ambiguities in clause 6.2.3 Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252816 Addressing ambiguities in clause 6.2.3 Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252817 Addressing ambiguities in clause 6.2.3 Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252553 Clarification on N6 delay measurement security Ericsson CR Agreement Yes
YesConcerns from Niokia. Out of scope of what was done in the study.
 		not pursued No    
    S3‑252891 Security of IMS avatar communication - receiving UE ID verification Philips International B.V. draftCR Approval Yes
Yes
 		noted No    
    S3‑252892 Security of IMS avatar communication - providing the authorization token to the receiving UE Philips International B.V. draftCR Approval Yes
Yes
 		revised No S3‑253056  
    S3‑253056 Security of IMS avatar communication - providing the authorization token to the receiving UE Philips International B.V. draftCR Approval Yes
Yes
 		approved No   S3‑252892
    S3‑252894 Living document for NG_RTC_SEC_Ph2: draftCR to TS 33.328, Security of IMS avatar communication Ericsson, Huawei, HiSilicon, Nokia, Nokia Shanghai Bell, Philips International B.V. draftCR Approval Yes
Yes
 		revised No S3‑253057  
    S3‑253057 Living document for NG_RTC_SEC_Ph2: draftCR to TS 33.328, Security of IMS avatar communication Ericsson, Huawei, HiSilicon, Nokia, Nokia Shanghai Bell, Philips International B.V. draftCR Approval No
Yes
 		email approval No   S3‑252894
    S3‑252653 Security handling where CU is acting as MN and SN is unchanged Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No    
    S3‑252654 editorial change and alignment to LTM procedure Huawei, HiSilicon CR Approval Yes
Yes
 		revised No S3‑252947  
    S3‑252947 editorial change and alignment to LTM procedure Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No   S3‑252654
    S3‑252738 NSCI handling during LTM procedure LG Electronics CR Approval Yes
Yes
 		agreed No    
    S3‑252739 Clarification on handling mismatch of security capabilities LG Electronics CR Approval Yes
Yes
 		merged No S3‑252947  
    S3‑252751 Correction to security mechanism and procedures for L1/L2 Triggered Mobility Samsung CR Agreement Yes
Yes
 		revised No S3‑252948  
    S3‑252948 Correction to security mechanism and procedures for L1/L2 Triggered Mobility Samsung CR Agreement Yes
Yes
 		agreed No   S3‑252751
    S3‑252752 Revised WID on security aspects of NR mobility enhancement Samsung WID revised Approval Yes
Yes
 		noted No    
    S3‑252787 Modification on the description of Nnrf_AccessToken_RetrieveKey Service Operation Huawei, HiSilicon CR Agreement Yes
YesNokia proposed to reword the definition instead. Ericsson didn’t agree with the CR.
 		revised No S3‑252949  
    S3‑252949 Modification on the description of Nnrf_AccessToken_RetrieveKey Service Operation Huawei, HiSilicon CR Agreement No
Yes
 		not pursued No   S3‑252787
    S3‑252917 Firmware/BIOS acces to Privileged Users Department of Telecom CR Approval Yes
YesEricsson didn’t agree with this change.
 		not pursued No    
    S3‑252974 Firmware/BIOS acces to Privileged Users Department of Telecom draftCR Approval Yes
Yes
 		approved No    
    S3‑252803 Correcting the RRC replay test case to remove the UP packets text Qualcomm Incorporated CR Agreement Yes
YesTdoc 588 (MITRE) made a similar change for Rel-20.
 		revised No S3‑252950  
    S3‑252950 Correcting the RRC replay test case to remove the UP packets text Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No   S3‑252803
    S3‑252804 Correcting the UP replay test case to remove the response messages Qualcomm Incorporated CR Agreement Yes
Yes
 		revised No S3‑252951  
    S3‑252951 Correcting the UP replay test case to remove the response messages Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No   S3‑252804
    S3‑252541 Revision of TS 33.326 Rel 17 T-Mobile USA Inc., Ericson CR Approval Yes
Yes
 		not pursued No    
    S3‑252542 Revision of TS 33.326 Rel 18 T-Mobile USA Inc. CR Approval Yes
YesHuawei preferred to see this in Rel-18 only.
 		agreed No    
    S3‑252582 Correct mutual authentication requirement MITRE-FFRDC CR Approval Yes
YesHuawei didn’t find this necessary.
 		revised No S3‑252952  
    S3‑252952 Correct mutual authentication requirement MITRE-FFRDC CR Approval Yes
Yes
 		agreed No   S3‑252582
    S3‑252796 Ensuring the AMF selects an algorithm supported by the UE Qualcomm Incorporated CR Agreement Yes
YesEricsson: impact on stage 3? Huawei: we are not in favour of touching this old text unless there is confusion in stage 3. Otherwise, they suggested a rewording.
 		revised No S3‑252953  
    S3‑252953 Ensuring the AMF selects an algorithm supported by the UE Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No   S3‑252796
    S3‑252797 Clarifications for the AS algorithm selection text Qualcomm Incorporated CR Agreement Yes
Yes
 		revised No S3‑252954  
    S3‑252954 Clarifications for the AS algorithm selection text Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No   S3‑252797
    S3‑252798 Correcting the message names in the inactive to connected state change Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No    
    S3‑252799 Correct the keynames in clause 6.9.4.1 Qualcomm Incorporated CR Agreement Yes
Yes
 		agreed No    
    S3‑252800 Correcting the storage of EPS NAS algorithms Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252801 Clarifying algorithm selection in clause 8.4.2 Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252802 Clarifying the handling of the selected EPS NAS algorithms Qualcomm Incorporated CR Agreement Yes
Yes
 		not pursued No    
    S3‑252823 JWS profile requirements alignment by use case Ericsson CR Agreement Yes
Yes
 		revised No S3‑252955  
    S3‑252955 JWS profile requirements alignment by use case Ericsson CR Agreement Yes
Yes
 		agreed No   S3‑252823
    S3‑252824 New JWS profile for access tokens Ericsson CR Agreement Yes
YesHuawei: x5t is not mentioned anywhere in 3GPP. We don’t agree with it. NCSC: we can introduce it and mention it.
 		merged No S3‑252955  
    S3‑252825 JWE profile requirements alignment by use case Ericsson CR Agreement Yes
Yes
 		revised No S3‑253033  
    S3‑253033 JWE profile requirements alignment by use case Ericsson CR Agreement Yes
Yes
 		agreed No   S3‑252825
    S3‑252826 Remove duplicate JWE requirements for N32 interface Ericsson CR Agreement Yes
Yes
 		revised No S3‑253034  
    S3‑253034 Remove duplicate JWE requirements for N32 interface Ericsson CR Agreement Yes
Yes
 		agreed No   S3‑252826
    S3‑252924 Alignment CR for UPU Header Security Lenovo CR Approval Yes
YesEricsson: we usually don’t refer to stage 3. If it's taken care of over there we don’t refer to them.
 		revised No S3‑252926  
    S3‑252926 Alignment CR for UPU Header Security Lenovo CR Approval Yes
Yes
 		not pursued No   S3‑252924
    S3‑252529 XRM IANA Label registration removal Nokia CR   Yes
YesEricsson didn’t agree with these changes.
 		not pursued No    
    S3‑252530 Forwarding Action Rule procedure correction Nokia CR   Yes
YesEricsson commented that it should be AS instead of AF. They suggested some rewording.
 		revised No S3‑253058  
    S3‑253058 Forwarding Action Rule procedure correction Nokia CR - Yes
Yes
 		agreed No   S3‑252530
    S3‑252544 [33.180] Terminology alignment on Logging, Recording, Replay and Discreet Monitoring Airbus CR Approval No
Yes
 		withdrawn Yes    
    S3‑252734 Remove duplicated descriptions about authorization in multi-hop relay China Telecommunications Corp. CR   Yes
Yes
 		withdrawn Yes    
    S3‑253055 Security of IMS avatar communication Ericsson CR Agreement No
Yes
 		email approval No    
4.2 Study Items                      
4.2.1 Study on security Aspect of Ambient IoT Services in 5G S3‑252716 Revision of two errors in TR 33.713 China Mobile Com. Corporation pCR Approval Yes
Yes
 		approved No    
    S3‑252905 AIoT TR Disclaimer OPPO, Thales, Orange pCR Approval Yes
Yes
 		approved No    
    S3‑252906 AIoT TR Clean Up OPPO pCR Approval Yes
YesMCC: reword "expected", as the document is finished. Remove references to SA2 and refer to their TR instead. ORANGE: no further evaluation is done instead of not addressed. These changes will be incorporated in the next version of the TR.
 		approved No    
    S3‑252907 Cover for TR 33.713 OPPO TS or TR cover Approval Yes
Yes
 		revised No S3‑253000  
    S3‑253000 Cover for TR 33.713 OPPO TS or TR cover Approval Yes
Yes
 		approved No   S3‑252907
    S3‑253001 Draft TR 33.713 OPPO draft TR Approval Yes
Yes
 		approved No    
4.2.2 All other SIs (not listed above) S3‑252599 Editoral change of clause 6.5.1 and add a title for clause 6.6.2 OPPO, Samsung CR Approval Yes
Yes
 		agreed No    
    S3‑252735 Supplementing TR 33.938 with the SRTP Security Protocol China Mobile Com. Corporation CR Approval Yes
YesMCC commented that the SID was over and no new content was allowed. It was agreed that this could go as a correction instead of introduction of a new feature. Some corrections were also suggested to the cover page. Nokia: remove last line. Huawei commented that the content should follow the template used in the TR. Tables should also be added. It was commented that TS 33.328 should be marked as a 5G specification in the Portal.
 		not pursued No    
    S3‑252765 Revision of two errors in TR 33.700-22 China Mobile Com. Corporation CR Approval Yes
Yes
 		revised No S3‑253035  
    S3‑253035 Revision of two errors in TR 33.700-22 China Mobile Com. Corporation CR Approval Yes
Yes
 		agreed No   S3‑252765
    S3‑252783 Reorder table rows alphabetically in TR 33.938 Huawei, HiSilicon CR Agreement Yes
Yes
 		merged No S3‑253036  
    S3‑252784 Editorial changes to TR 33.938 Huawei, HiSilicon CR Agreement Yes
Yes
 		revised No S3‑253036  
    S3‑253036 Adding references, formatting tables and providing corrections to 4.2.12 for TR 33.938 Huawei, HiSilicon CR Agreement Yes
Yes
 		agreed No   S3‑252784
    S3‑252785 Adding MOBILE protocol to the inventory list Huawei, HiSilicon CR Agreement Yes
Yes
 		not pursued No    
    S3‑252786 Revision of two errors in TR 33.790 China Mobile Com. Corporation CR Approval Yes
Yes
 		agreed No    
    S3‑252818 Adding missing references in 33.938 Qualcomm Incorporated CR Agreement Yes
Yes
 		merged No S3‑253036  
    S3‑252819 Minor Typos and Consistency-related Edits Qualcomm Incorporated CR Agreement Yes
Yes
 		merged No S3‑253036  
    S3‑252851 Revise the description on “SMS over NAS” Apple, Nokia CR   Yes
Yes
 		merged No S3‑253036  
    S3‑253049 Revise the description on “SMS over NAS” Apple, Nokia other - No
Yes
 		withdrawn Yes    
5 Rel-20 topics                      
5.1 Work Items (Approved)                      
5.1.1 Security related Events Handling S3‑252547 Security related Events Handling VODAFONE draft TS Approval Yes
Yes
 		approved No    
    S3‑252548 Security related Events Handling Overview Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
YesEricsson: management uses SBMA, not SBA.The caption of the figure reads that this is an example, it could be interpreted as a normative figure; it should be put in an Annex or adding a clarification.
 		revised No S3‑252992  
    S3‑252992 Security related Events Handling Overview Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		approved No   S3‑252548
    S3‑252549 pCR to TS 33.502 - Collection requirements for Security related Events China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom pCR Approval Yes
YesHuawei: implementation specific and ambiguous.Merge in 993.
 		merged No S3‑252993  
    S3‑252550 pCR to TS 33.502 - Configuration requirements for Security related Events Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
YesHuawei: we prefer to wait for configuration aspects to be clarified by SA5.
 		revised No S3‑252994  
    S3‑252994 pCR to TS 33.502 - Configuration requirements for Security related Events Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		approved No   S3‑252550
    S3‑252551 pCR to TS 33.502 - General requirements for Security related Events China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		revised No S3‑252993  
    S3‑252993 pCR to TS 33.502 - General requirements for Security related Events China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		approved No   S3‑252551
    S3‑252552 pCR to TS 33.502 - Delivery requirements for Security related Events Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		revised No S3‑252995  
    S3‑252995 pCR to TS 33.502 - Delivery requirements for Security related Events Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom pCR Approval Yes
Yes
 		approved No   S3‑252552
    S3‑252725 pCR for security related events requirements in TS 33.502 China Telecom Corporation Ltd. pCR Approval Yes
YesEricsson: configuration capability term is unclear.
 		merged No S3‑252994  
    S3‑252895 Pseudo-CR on security related event requirements Ericsson pCR Approval Yes
YesHuawei: better not to start numbering requirements, we don’t do this. Vodafone:security related events, don't mention event logs. Vodafone: let's split the content. First requirement in 993, second in 994 and third requirement in the revision of 552.
 		merged No S3‑252994  
    S3‑252896 Pseudo-CR on protection of security related events Ericsson pCR Approval Yes
Yes
 		merged No S3‑252995  
    S3‑252923 pCR for TS 33.502 - Security related Events Requirement for Retention IIT Bombay pCR Approval Yes
YesHuawei: it's too implementation specific. SA5 will be looking into this. I propose to wait and learn more about the configuration without speculating how SA5 is going to do this.
 		merged No S3‑252994  
    S3‑252913 pCR to TS 33.502 - Security related Events for Reconnaissance IIT Bombay pCR Approval Yes
YesHuawei: too much content and mixing up concepts. This is going a bit beyond the scope of the WID (TLS handshake is not in scope).
 		noted No    
    S3‑252914 pCR to TS 33.502 - Security related Events for Patch Updates IIT Bombay pCR Approval Yes
YesEricsson wasn’t sure that this was in scope of the WID.Huawei agreed.
 		noted No    
    S3‑252915 pCR to TS 33.502 - Security related Events for Authorization and Authentication IIT Bombay pCR Approval Yes
Yes
 		noted No    
    S3‑252750 Security related events for API security risks Nokia pCR Approval Yes
YesHuawei: out of scope of the WID.Ericsson supported this comment.
 		noted No    
    S3‑252627 pCR for security related events requirements in TS 33.502 China Telecom Corporation Ltd. pCR   Yes
Yes
 		withdrawn Yes    
    S3‑252991 Draft TS 33.502 Vodafone draft TS Approval No
Yes
 		email approval No    
5.1.2 New WID on Mission Critical security S3‑252676 Clarification about security for MC over IOPS Huawei, HiSilicon CR Agreement Yes
Yes
 		revised No S3‑253002  
    S3‑253002 Clarification about security for MC over IOPS Huawei, HiSilicon CR Agreement No
YesPostponed to the next meeting.
 		not pursued No   S3‑252676
    S3‑252788 Providing additional clarifications on MCData for Overview, Key management and One to-one- Communications subclauses based on TS 23.280 Huawei, HiSilicon CR Approval Yes
Yes
 		revised No S3‑252985  
    S3‑252985 Providing additional clarifications on MCData for Overview, Key management and One to-one- Communications subclauses based on TS 23.280 Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No   S3‑252788
    S3‑252789 Adding a new subclause on Private One-to-One and Point-to-Point MCData communications to the MCData clause Huawei, HiSilicon CR Approval Yes
Yes
 		revised No S3‑252986  
    S3‑252986 Adding a new subclause on Private One-to-One and Point-to-Point MCData communications to the MCData clause Huawei, HiSilicon CR Approval Yes
Yes
 		agreed No   S3‑252789
5.1.3 New WID on Security Assurance Specification for 5G-Advanced S3‑252579 Add test case on access token subject verification MITRE-FFRDC, US National Security Agency CR Approval Yes
Yes
 		not pursued No    
    S3‑253015 Add test case on access token subject verification MITRE-FFRDC, US National Security Agency other Approval Yes
YesThe content will be merged into the living document.
 		approved No    
    S3‑252580 Add a threat on access token subject verification MITRE-FFRDC, US National Security Agency CR Approval Yes
YesContent is agreed and will go to the draft C in S3-253017.
 		not pursued No    
    S3‑252581 Discussion on update of SCAS access token verification MITRE-FFRDC discussion Discussion Yes
Yes
 		noted No    
    S3‑252583 Update TC on account protection MITRE-FFRDC, Deutsche Telekom, BSI (DE) CR Approval Yes
Yes
 		not pursued No    
    S3‑252584 Correct test case on GTP filtering MITRE-FFRDC, Deutsche Telekom, BSI (DE) CR Approval Yes
YesContent is agreed and merged in to the draft CR.
 		not pursued No    
    S3‑252585 Update TC on unnecessary services to include SS7 and SIGTRAN MITRE-FFRDC, Deutsche Telekom, BSI (DE) CR Approval Yes
YesContent is agreed and merged in to the draft CR.
 		not pursued No    
    S3‑252586 Update TC on Security event logging to include sensitive file access MITRE-FFRDC, Deutsche Telekom, BSI (DE) CR Approval Yes
Yes
 		not pursued No    
    S3‑252587 Update TC on restricted reachability of services MITRE-FFRDC CR Approval Yes
Yes
 		revised No S3‑253018  
    S3‑253018 Update TC on restricted reachability of services MITRE-FFRDC CR Approval Yes
YesContent is agreed and merged in to the draft CR.
 		not pursued No   S3‑252587
    S3‑252588 Correction of TC on gNB replay protection MITRE-FFRDC CR Approval Yes
Yes
 		merged No S3‑252950  
    S3‑252696 Clarification on SMP China Telecommunications Corp.,CAICT CR Approval Yes
Yes
 		withdrawn Yes    
    S3‑252697 Clarification on expected results for synchronization failure handling China Telecom, CAICT CR Approval Yes
YesConverted into a living document in 3019.
 		not pursued No    
    S3‑253019 Living document TS 33.512 SCAS Huawei draftCR Approval No
Yes
 		email approval No    
    S3‑252698 Adding NOTE to web server tests related to configuration files BSI (DE) CR Approval Yes
Yes
 		revised No S3‑253020  
    S3‑253020 Adding NOTE to web server tests related to configuration files BSI (DE) CR Approval Yes
YesContent is agreed and merged into the draft CR.
 		not pursued No   S3‑252698
    S3‑252699 Clarification of TC_IE_VALUE_FORMAT BSI (DE), Montsecure CR Approval Yes
Yes
 		revised No S3‑253021  
    S3‑253021 Clarification of TC_IE_VALUE_FORMAT BSI (DE), Montsecure CR Approval Yes
YesContent is agreed and merged into the draft CR.
 		not pursued No   S3‑252699
    S3‑252700 Clarification of HTTP response codes for TC_NO_UNUSED_HTTP_METHODS BSI (DE), Montsecure CR Approval Yes
Yes
 		not pursued No    
    S3‑252701 Correction of test names and references in 33.216 BSI (DE) CR Approval Yes
Yes
 		revised No S3‑253022  
    S3‑253022 Correction of test names and references in 33.216 BSI (DE) CR Approval Yes
YesCotent will be merged into the draft CR.
 		not pursued No   S3‑252701
    S3‑252702 Adaption of test steps according to requirements in 33.216 BSI (DE) CR Approval Yes
YesContent merged into the living document
 		not pursued No    
    S3‑252703 Correction of references in 33.511 BSI (DE) CR Approval Yes
YesContent merged into the living document.
 		not pursued No    
    S3‑252704 Clarification of TC_SYNC_FAIL_SEAF_AMF BSI (DE), Montsecure CR Approval Yes
YesContent merged into the living document.
 		not pursued No    
    S3‑252705 Add test cases to ensure protection of initial NAS message in registration procedure BSI (DE), Montsecure CR Approval Yes
Yes
 		revised No S3‑252893  
    S3‑252706 Add test case that verifies if the AUSF processes RES* failures correctly BSI (DE), Montsecure CR Approval Yes
Yes
 		not pursued No    
    S3‑252707 Add threat description about the implications of the AUSF not validating RES* correctly BSI (DE), Montsecure CR Approval Yes
Yes
 		not pursued No    
    S3‑252708 New NRF test case for validating timestamp of CCA BSI (DE), Montsecure CR Approval Yes
Yes
 		not pursued No    
    S3‑253026 New NRF test case for validating timestamp of CCA BSI (DE), Montsecure other Approval Yes
Yes
 		approved No    
    S3‑252709 Add additional TLS tests to TC_CP_AUTH_AF_NEF BSI (DE) CR Approval Yes
Yes
 		not pursued No    
    S3‑252718 Clarification on SMP China Telecom, CAICT CR Approval Yes
Yes
 		revised No S3‑253028  
    S3‑253028 Clarification on SMP China Telecom, CAICT CR Approval Yes
YesMerged into the living document,
 		not pursued No   S3‑252718
    S3‑252771 Corrections to 33.513 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		revised No S3‑253029  
    S3‑253029 Corrections to 33.513 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		approved No   S3‑252771
    S3‑252772 Corrections to 33.514 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		revised No S3‑253030  
    S3‑253030 Corrections to 33.514 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		approved No   S3‑252772
    S3‑252773 Distinguishing headings and rephrasing to 33.514 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		revised No S3‑253031  
    S3‑253031 Distinguishing headings and rephrasing to 33.514 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		approved No   S3‑252773
    S3‑252774 Corections to 33.512 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		revised No S3‑253032  
    S3‑253032 Corections to 33.512 based on GSMA NESASG agreements Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		approved No   S3‑252774
    S3‑252775 Introducing the threat to AMF which was approved but not implemented in 33.926 Huawei, HiSilicon, CAICT draftCR Approval Yes
Yes
 		revised No S3‑253017  
    S3‑253017 Living document for TR 33.926 Huawei, HiSilicon, CAICT draftCR Approval No
Yes
 		email approval No   S3‑252775
    S3‑252893 Add test cases to ensure protection of initial NAS message in registration procedure BSI (DE), Montsecure CR Approval Yes
Yes
 		revised No S3‑253025 S3‑252705
    S3‑253025 Add test cases to ensure protection of initial NAS message in registration procedure BSI (DE), Montsecure CR Approval Yes
YesContent merged into the living document.
 		not pursued No   S3‑252893
    S3‑253016 Draft CR on SCAS Rel-20 TS 33.117 Huawei draftCR Approval No
Yes
 		email approval No    
    S3‑253023 Living document for TS 33.216 Huawei draftCR Approval No
Yes
 		email approval No    
    S3‑253024 Living document for TS 33.511 Huawei draftCR Approval No
Yes
 		email approval No    
    S3‑253027 Living document 33.518 Huawei draftCR Approval No
Yes
 		email approval No    
5.2 Study Items (Approved)                      
5.2.1 Study on transitioning to Post Quantum Cryptography (PQC) in 3GPP S3‑252632 Skeleton for TR 33.703 Huawei, HiSilicon, Qualcomm Incorporated draft TR Approval Yes
Yes
 		approved No    
    S3‑252633 Scope of TR 33.703 Huawei, HiSilicon pCR Approval Yes
Yes
 		revised No S3‑252976  
    S3‑252976 Scope of TR 33.703 Huawei, HiSilicon pCR Approval Yes
Yes
 		approved No   S3‑252633
    S3‑252740 Scope update LG Electronics pCR Approval Yes
Yes
 		merged No S3‑252976  
    S3‑252634 Assumption text for TR 33.703 Huawei, HiSilicon pCR Approval Yes
Yes
 		merged No S3‑252977  
    S3‑252724 Architecture Assumptions Nokia pCR Approval Yes
Yes
 		merged No S3‑252977  
    S3‑252830 Pseudo-CR on assumptions of the PQC study Ericsson pCR Approval Yes
Yes
 		revised No S3‑252977  
    S3‑252977 Pseudo-CR on assumptions of the PQC study Ericsson pCR Approval Yes
Yes
 		approved No   S3‑252830
    S3‑252638 Description of PQC security level Huawei, HiSilicon pCR Approval Yes
Yes
 		revised No S3‑252978  
    S3‑252978 Description of PQC security level Huawei, HiSilicon pCR Approval Yes
Yes
 		approved No   S3‑252638
    S3‑252758 Pseudo-CR on Principles and attributes of PQC Samsung pCR Approval Yes
Yes
 		merged No S3‑252978  
    S3‑252763 Impact of PQC algorithm transitioning on terminals China Mobile Com. Corporation pCR Approval Yes
YesQualcomm, Nokia didn’t see where this could fit into the TR.
 		noted No    
    S3‑252667 PQC Migration of different functionalities in authenticated key exchange protocols (e.g. IKEv2, TLS) Huawei, HiSilicon pCR Approval Yes
YesNokia: Key exchange, certificate management are impactged by the harvest now decypt later attack. This needs rewording.
 		revised No S3‑252979  
    S3‑252979 PQC Migration of different functionalities in authenticated key exchange protocols (e.g. IKEv2, TLS) Huawei, HiSilicon pCR Approval Yes
Yes
 		noted No   S3‑252667
    S3‑252791 Pseudo-CR on Usage mode of quantum-safe cryptographic algorithms in 6G systems China Mobile pCR Approval Yes
Yes
 		merged No S3‑252978  
    S3‑252793 Pseudo-CR on Crypto Agility China Mobile pCR Approval Yes
YesORANGE: this should be G-agnostic. Remove the normative statement with the shall. Qualcomm: 3GPP will not do anything related to crypto-agility. CMCC replied that it is planned to have this in 6G. It was decided to remove this reference.
 		revised No S3‑252980  
    S3‑252980 Pseudo-CR on Crypto Agility China Mobile pCR Approval Yes
Yes
 		noted No   S3‑252793
    S3‑252666 General description for clause 6.1 Huawei, HiSilicon pCR Approval Yes
YesQualcomm: we disagree with any prioritization. Nokia: I have an issue with referring to mature specifications.
 		noted No    
    S3‑252820 Discussion on PQC Transition for TLS Qualcomm Incorporated discussion Discussion Yes
Yes
 		noted No    
    S3‑252831 Pseudo-CR on updating TLS for PQC Ericsson pCR Approval Yes
Yes
 		noted No    
    S3‑252981 Pseudo-CR on updating TLS for PQC Ericsson pCR Approval No
Yes
 		withdrawn Yes    
    S3‑252821 Discussion on PQC Transition for JWE and JWS Qualcomm Incorporated discussion Discussion Yes
Yes
 		noted No    
    S3‑252832 Pseudo-CR on updating JOSE and COSE for PQC Ericsson pCR Approval Yes
Yes
 		noted No    
    S3‑252665 PQC migration for PKI certificates Huawei, HiSilicon pCR Approval Yes
Yes
 		revised No S3‑252982  
    S3‑252982 PQC migration for PKI certificates Huawei, HiSilicon pCR Approval Yes
Yes
 		noted No   S3‑252665
    S3‑252720 New Key issue for PQC Key Exchange and Digital Signatures Nokia pCR Approval Yes
YesQualcomm: where do we put this in the TR? Nokia: this is a key issue. Qualcomm: there are no key issues.
 		noted No    
    S3‑252635 General description for protocols not updated for PQC by other SDOs Huawei, HiSilicon pCR Approval Yes
Yes
 		revised No S3‑252983  
    S3‑252983 General description for protocols not updated for PQC by other SDOs Huawei, HiSilicon pCR Approval Yes
Yes
 		approved No   S3‑252635
    S3‑252636 Protocol - SUCI calculation Huawei, HiSilicon pCR Approval Yes
Yes
 		merged No S3‑252984  
    S3‑252719 New Key issue for PQC SUCI Protection Nokia pCR Approval Yes
Yes
 		revised No S3‑252984  
    S3‑252984 New Key issue for PQC SUCI Protection Nokia pCR Approval Yes
Yes
 		approved No   S3‑252719
    S3‑252759 Pseudo-CR on Key Issue on SUPI Concealment Samsung pCR Approval Yes
Yes
 		merged No S3‑252984  
    S3‑252841 Hybrid PQC for SUCI calculation THALES pCR Approval Yes
YesORANGE: these algorithms should be evaluated in SAGE. Not sure that we can handle this in SA3. Nokia didn’t agree, this was a 3GPP procedure.
 		merged No S3‑252984  
    S3‑252691 pCR on Threats on Bidding down attacks during coexistence of PQC and classical algorithms Huawei, HiSilicon pCR Approval Yes
YesNokia didn’t support this contribution. Ericsson, Cisco didn’t support it either. Huawei:, Qualcomm: bidding down attacks can happen in any transitioning system, it's a general problem. Huawei: no other organization will deal with these attacks, only 3GPP.
 		noted No    
    S3‑252637 Protocol - MIKEY-SAKKE Huawei, HiSilicon pCR Approval Yes
Yes
 		revised No S3‑253037  
    S3‑253037 Protocol - MIKEY-SAKKE Huawei, HiSilicon pCR Approval Yes
Yes
 		approved No   S3‑252637
    S3‑252760 Pseudo-CR on SUPI Concealment using hybrid method Samsung pCR Approval Yes
YesNCSC: the key issue has solutions. Thales: postpone all solutions for next meeting, focus on key issues this meeting.This was agreed.
 		noted No    
    S3‑252761 Pseudo-CR on SUPI Concealment using Hybrid shared Key Samsung pCR Approval Yes
Yes
 		noted No    
    S3‑252762 Pseudo-CR on PQC shared key solution for SUPI Concealment Samsung pCR Approval Yes
Yes
 		noted No    
    S3‑252975 Draft TR 33.703 Qualcomm draft TR Approval No
Yes
 		email approval No    
6.1 5G-Advance Endorsed SIDs                      
6.1.1 New SID on AIMLE Service Security (Lenovo) S3‑252918 SID on AIMLE Service Security enhancement Lenovo, Motorola Mobility SID new Approval Yes
Yes
 		revised No S3‑252958 S3‑252395
    S3‑252958 SID on AIMLE Service Security enhancement Lenovo, Motorola Mobility SID new Approval Yes
Yes
 		agreed No   S3‑252918
    S3‑252919 Draft TR Skeleton for FS_AIMLE_Sec Lenovo other Approval Yes
Yes
 		endorsed No    
    S3‑252920 Scope for AIMLE Service Security Lenovo other Endorsement Yes
Yes
 		revised No S3‑253003  
    S3‑253003 Scope for AIMLE Service Security Lenovo other Endorsement Yes
Yes
 		endorsed No   S3‑252920
    S3‑252777 New Key Issue on Authentication and Authorization of FL members for the AIMLE Service Security Huawei, HiSilicon other Approval Yes
YesEricsson: the key issue is not concrete enough.No strong opinion but offline discussion is needed to undertand what the problem we are trying to solve.
 		revised No S3‑253005  
    S3‑253005 New Key Issue on Authentication and Authorization of FL members for the AIMLE Service Security Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No   S3‑252777
    S3‑252921 New KI on AIMLE FL Service Authorization and Security Lenovo other Approval Yes
Yes
 		merged No S3‑253005  
    S3‑252922 New KI on Secure AIMLE ML Model Access Lenovo other Approval Yes
Yes
 		revised No S3‑253006  
    S3‑253006 New KI on Secure AIMLE ML Model Access Lenovo other Approval Yes
Yes
 		endorsed No   S3‑252922
    S3‑253004 Draft TR for FS_AIMLE_Sec Lenovo other Approval No
Yes
 		email approval No    
6.1.2 New SID on Security Aspects for IMS resiliency (KDDI) S3‑252562 Overview of IMS Resilience vivo other Approval Yes
Yes
 		not treated No    
    S3‑252563 New Key issue on IMS authentication enhancement for IMS Resilience vivo, KDDI other Approval Yes
Yes
 		not treated No    
    S3‑252639 Discussion on Security Aspects for IMS resiliency study KDDI, Boost Mobile Network discussion Discussion Yes
Yes
 		not treated No   S3‑251904
    S3‑252640 New SID on Security Aspects for IMS resiliency KDDI, AT&T, Boost Mobile Network, Deutsche Telekom, SK Telecom, SoftBank, TOYOTA MOTOR CORPORATION, Rakuten Mobile, Verizon, vivo, Vodafone, NEC, Philips, Ericsson, Telefonica SID new Approval Yes
Yes
 		revised No S3‑252957 S3‑252352
    S3‑252957 New SID on Security Aspects for IMS resiliency KDDI, AT&T, Boost Mobile Network, Deutsche Telekom, SK Telecom, SoftBank, TOYOTA MOTOR CORPORATION, Rakuten Mobile, Verizon, vivo, Vodafone, NEC, Philips, Ericsson, Telefonica SID new Approval Yes
Yes
 		agreed No   S3‑252640
    S3‑252641 Skeleton for FS_IMSRE_SEC KDDI other Approval Yes
Yes
 		not treated No    
6.1.3 New SID on Security Aspect for NR Femto Phase 2 (ZTE) S3‑252615 New SID on Security Aspect for NR Femto Phase 2 ZTE Corporation SID new Agreement Yes
Yes
 		revised No S3‑253062  
    S3‑253062 New SID on Security Aspect for NR Femto Phase 2 ZTE Corporation SID new Agreement Yes
Yes
 		agreed No   S3‑252615
    S3‑252616 Skeleton for FS_NR_Femto_Sec_Ph2 ZTE Corporation other Approval Yes
Yes
 		endorsed No    
    S3‑252617 Security Architecture and Assumptions ZTE Corporation other Approval Yes
Yes
 		revised No S3‑253008  
    S3‑253008 Security Architecture and Assumptions ZTE Corporation other Approval Yes
Yes
 		endorsed No   S3‑252617
    S3‑252652 Add security assumptions for NR_Femto_sec_ph2 China Telecommunications Corp. other Approval Yes
Yes
 		merged No S3‑253008  
    S3‑252682 Architecture for Femto ph2 Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑253008  
    S3‑252618 New KI on detection of misconfigured or malicious NR Femto ZTE Corporation other Approval Yes
Yes
 		merged No S3‑253009  
    S3‑252692 New KI for NR_Femto_sec_ph2 China Telecommunications Corp. other   Yes
Yes
 		revised No S3‑253009  
    S3‑253009 New KI for NR_Femto_sec_ph2 China Telecommunications Corp. other - Yes
Yes
 		endorsed No   S3‑252692
    S3‑252619 New KI on security and privacy aspects for local access ZTE Corporation other Approval Yes
Yes
 		revised No S3‑253010  
    S3‑253010 New KI on security and privacy aspects for local access ZTE Corporation other Approval Yes
Yes
 		endorsed No   S3‑252619
    S3‑252683 New key issue on the security of localized UPF Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑253010  
    S3‑253007 Draft TR for FS_NR_Femto_Sec_Ph2 ZTE other Endorsement No
Yes
 		email approval No    
6.1.4 New SID on Security aspects of WAB nodes for NR (Nokia) S3‑252642 New SID on Security aspects of WAB nodes for NR Nokia SID new Approval Yes
Yes
 		revised No S3‑252959 S3‑252418
    S3‑252959 New SID on Security aspects of WAB nodes for NR Nokia SID new Approval Yes
Yes
 		agreed No   S3‑252642
    S3‑252645 Skeleton for TR for study on security aspects of WAB nodes for NR Nokia other Approval Yes
Yes
 		endorsed No    
    S3‑252684 Architecture for WAB Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No    
    S3‑252685 new key issue on security from WAB to the UE's network Huawei, HiSilicon other Approval Yes
Yes
 		noted No    
    S3‑252686 new key issue on security of the link between WAB-gNB and OAM Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No    
    S3‑252778 New Key Issue on Security Protection of Compromised WAB Nodes and Core Network Measures Huawei, HiSilicon other Approval Yes
Yes
 		noted No    
    S3‑252987 TR for study on security aspects of WAB nodes for NR Nokia other Approval No
Yes
 		email approval No    
6.1.5 New SID on security for PLMN hosting a NPN phase 2 (China Telecom) S3‑252648 New SID on security for PLMN hosting a NPN phase 2 China Telecommunications Corp.,ZTE, China Unicom, China Mobile, CAIC SID new Approval Yes
Yes
 		revised No S3‑252960  
    S3‑252960 New SID on security for PLMN hosting a NPN phase 2 China Telecommunications Corp.,ZTE, China Unicom, China Mobile, CAIC SID new Approval Yes
Yes
 		agreed No   S3‑252648
    S3‑252649 Skeleton of security for PLMN hosting a NPN phase 2 China Telecommunications Corp.,ZTE, CAICT, Johns Hopkins University APL other Approval Yes
Yes
 		revised No S3‑253042  
    S3‑253042 Skeleton of security for PLMN hosting a NPN phase 2 China Telecommunications Corp.,ZTE, CAICT, Johns Hopkins University APL other Approval Yes
Yes
 		endorsed No   S3‑252649
    S3‑252722 Update the scope ZTE Deutschland other   Yes
Yes
 		revised No S3‑253044  
    S3‑253044 Update the scope ZTE Deutschland other - Yes
Yes
 		endorsed No   S3‑252722
    S3‑252723 Update the clause 5 Security assumptions ZTE Deutschland other   Yes
Yes
 		revised No S3‑253045  
    S3‑253045 Update the clause 5 Security assumptions ZTE Deutschland other - Yes
Yes
 		endorsed No   S3‑252723
    S3‑252650 Pseudo-CR on TEID issue in N9 interface China Telecommunications Corp.,, CableLabs, CAICT, ZTE other Approval Yes
Yes
 		not treated No    
    S3‑252651 Pseudo-CR on topology hiding in N9 interface China Telecommunications Corp.,CAICT, ZTE other Approval Yes
Yes
 		not treated No    
    S3‑252620 New key issue on SBA interface protectiong ZTE Corporation,China Telecom other Approval Yes
Yes
 		not treated No    
    S3‑253043 Draft TR of security for PLMN hosting a NPN phase 2 China Telecom other Endorsement Yes
Yes
 		endorsed No    
6.1.6 New SID on security aspects for QUIC or TLS (Huawei) S3‑252679 Skeleton to using PSK in MPQUIC study Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No    
    S3‑252680 Architecture for MPQUIC study Huawei, HiSilicon other Approval Yes
Yes
 		not treated No    
    S3‑252871 Key Issue on PSK Derivation Xiaomi Technology other Endorsement Yes
Yes
 		not treated No    
    S3‑252681 New key issue on key generation Huawei, HiSilicon other Approval Yes
Yes
 		not treated No    
    S3‑252766 Pseudo-CR on New Key Issue for PSK Derivation for MPQUIC in ATSSS CATT other Endorsement Yes
Yes
 		not treated No    
    S3‑252769 Pseudo-CR on New Key Issue for PSK Delivery for MPQUIC in ATSSS CATT other Endorsement Yes
Yes
 		not treated No    
    S3‑252663 New key issue on the PSK distribution Huawei, HiSilicon other Approval Yes
Yes
 		not treated No    
    S3‑252872 Key Issue on PSK Delivery Xiaomi Technology other Endorsement Yes
Yes
 		not treated No    
    S3‑252534 New Key Issue for Support of PSK Mode between the UE and UPF InterDigital, Inc. other Endorsement Yes
Yes
 		not treated No    
    S3‑252664 New key issue of the PSK usage in QUIC or TLS Huawei, HiSilicon other Approval Yes
Yes
 		not treated No    
6.1.7 New SID on Security of AIML_Ph2 (VIVO) S3‑252569 New SID on Security of AIML_Ph2 vivo, CMCC, Nokia, OPPO SID new Approval Yes
Yes
 		revised No S3‑252962 S3‑252356
    S3‑252962 New SID on Security of AIML_Ph2 vivo, CMCC, Nokia, OPPO SID new Approval Yes
Yes
 		agreed No   S3‑252569
    S3‑252564 Skeleton for AIML_Ph2_SEC vivo other Approval Yes
Yes
 		endorsed No    
    S3‑252565 Overview vivo other Approval Yes
Yes
 		revised No S3‑252988  
    S3‑252988 Overview vivo other Approval Yes
Yes
 		endorsed No   S3‑252565
    S3‑252737 New KI - security and privacy aspects of exposure of the standardized data Ericsson other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252533 New Key Issue for Security and Privacy for UE Data Collection Transfer InterDigital, Inc. other Endorsement Yes
Yes
 		merged No S3‑252990  
    S3‑252621 New KI on Security for UP to support UE data collection ZTE Corporation other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252671 Exposure security for UE data towards OTT servers Huawei, HiSilicon other Approval Yes
Yes
 		revised No S3‑252989  
    S3‑252989 Exposure security for UE data towards OTT servers Huawei, HiSilicon other Approval No
Yes
 		noted No   S3‑252671
    S3‑252672 Authenticate and Authorize UE connection setup with data collection NF with communication security Huawei, HiSilicon other Approval Yes
Yes
 		revised No S3‑252990  
    S3‑252990 Authenticate and Authorize UE connection setup with data collection NF with communication security Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No   S3‑252672
    S3‑252781 New Key Issue for Security Aspect of Data Transfer over UP CATT other Endorsement Yes
Yes
 		merged No S3‑252990  
    S3‑252861 Key Issue on secure connection between UE and the data collection related network function Xiaomi communications other Endorsement Yes
Yes
 		merged No S3‑252990  
    S3‑252566 New KI: Protection for reporting data vivo other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252598 New KI on authorization of UE data collection and exposure OPPO other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252670 Authorization for UE Data towards OTT servers Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252532 New Key Issue for Privacy for UE Data Collection Exposure InterDigital, Inc. other Endorsement Yes
Yes
 		merged No S3‑252990  
    S3‑252567 New KI: Privacy for UE to report data vivo other Approval Yes
Yes
 		merged No S3‑252990  
    S3‑252780 New Key Issue for User Consent for UE Data Collection CATT other Endorsement Yes
Yes
 		merged No S3‑252990  
    S3‑253064 Draft TR AIML Phase 2 Vivo other Endorsement No
Yes
 		email approval No    
6.1.8 New SID on security aspects of Integrated Sensing and Communication (Xiaomi) S3‑252868 New SID on security and privacy aspects of Integrated Sensing and Communication Xiaomi Technology SID new Approval Yes
Yes
 		revised No S3‑252963  
    S3‑252963 New SID on security and privacy aspects of Integrated Sensing and Communication Xiaomi Technology SID new Approval Yes
YesIt was requested to capture in the minutes: RAN scope should be captured in the TR.
 		agreed No   S3‑252868
    S3‑252869 Skeleton for ISAC Security TR Xiaomi Technology other Endorsement Yes
Yes
 		endorsed No    
    S3‑252675 Adding scope of Sensing Huawei, HiSilicon other Approval Yes
Yes
 		revised No S3‑253012  
    S3‑253012 Adding scope of Sensing Huawei, HiSilicon other Approval Yes
Yes
 		endorsed No   S3‑252675
    S3‑252870 Scope of ISAC Security TR Xiaomi Technology other Endorsement Yes
Yes
 		merged No S3‑253012  
    S3‑252693 Add security assumptions for ISAC_sec_sid China Telecommunications Corp. other   Yes
Yes
 		endorsed No    
    S3‑252622 New key issue on authentication and authorization for sensing service ZTE Corporation other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252674 New key issue on Security between network and Sensing service consumer Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252858 Key Issue on Security Aspects of Authorization for Sensing Service Invocation Revocation and Exposure Xiaomi communications, InterDigital other Endorsement Yes
Yes
 		revised No S3‑253013  
    S3‑253013 Key Issue on Security Aspects of Authorization for Sensing Service Invocation Revocation and Exposure Xiaomi communications, InterDigital other Endorsement Yes
Yes
 		endorsed No   S3‑252858
    S3‑252881 new KI on authorization of sensing service request Nokia, Nokia Shanghai Bell other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252568 New KI: Authorization for sensing vivo other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252694 New KI for ISAC_sec_sid China Telecommunications Corp. other   Yes
Yes
 		merged No S3‑253013  
    S3‑252742 New Key issue on authorization for sensing service OPPO other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252673 New key issue on security between Sensing Function(s) and Sensing Entities Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑253014  
    S3‑252743 New Key issue on protection of sensing data transmission OPPO other Approval Yes
Yes
 		merged No S3‑253014  
    S3‑252859 Key Issue on Security Protection for Sensing Service Operations Xiaomi communications, InterDigital other Endorsement Yes
Yes
 		revised No S3‑253014  
    S3‑253014 Key Issue on Security Protection for Sensing Service Operations Xiaomi communications, InterDigital other Endorsement Yes
Yes
 		endorsed No   S3‑252859
    S3‑252623 New key issue on privacy aspect of sensing result exposure ZTE Corporation other Approval Yes
Yes
 		merged No S3‑253013  
    S3‑252624 New key issue on user consent for sensing service ZTE Corporation other Approval Yes
YesHuawei: postpone and wait for SA2 progress. Qualcomm supported this.
 		noted No    
    S3‑252764 pCR Privacy requirements for sensing NTT DOCOMO INC. other Approval Yes
Yes
 		not treated No    
    S3‑252860 Key Issue on Privacy Protection for Sensing Services Xiaomi communications, InterDigital other Endorsement Yes
YesNokia supported the issue, although some rewording was needed. Privacy is always linked t to the human user. CMCC and Vivo didn’t agree with this. It was proposed to postpone the issue and wait for RAN progress.
 		noted No    
    S3‑253011 Draft TR for ISAC Security Xiaomi other Endorsement No
Yes
 		email approval No    
6.1.9 New SID on 5G Security Assurance Specification (SCAS) for the Container-based Products (Ericsson) S3‑252710 Scope for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		endorsed No    
    S3‑252711 References for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		not treated No    
    S3‑252712 Defintions for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		not treated No    
    S3‑252713 Assumptions for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		not treated No    
    S3‑252714 Assets and Threats for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		not treated No    
    S3‑252715 Test Cases for SCAS for Container-based Products BSI (DE) other Approval Yes
Yes
 		not treated No    
    S3‑252890 TR skeleton for Security Assurance Specification (SCAS) for the Container-based Product Ericsson other Approval Yes
Yes
 		endorsed No    
    S3‑253038 Draft TR SCAS for Container-based Products Ericsson other Endorsement No
Yes
 		email approval No    
6.1.10 New SID on Security Aspects of 5G Satellite Access Phase 4 (CATT) S3‑252745 New SID on Security Aspects of 5G Satellite Access Phase 4 CATT SID new Approval Yes
Yes
 		revised No S3‑252965  
    S3‑252965 New SID on Security Aspects of 5G Satellite Access Phase 4 CATT SID new Approval Yes
Yes
 		agreed No   S3‑252745
    S3‑252768 Discussion on security of UE-Satellite-UE in IMS Huawei, HiSilicon discussion Discussion Yes
Yes
 		noted No    
    S3‑252770 Revised SID on Security Aspects of 5G Satellite Access Phase 4 Huawei, HiSilicon other Approval Yes
Yes
 		noted No    
    S3‑252746 Skeleton of TR Satellite Phase 4 CATT other Approval Yes
Yes
 		endorsed No    
    S3‑252721 Add security assumptions for SAT_ph4_Sec sid China Telecommunications Corp. other   Yes
Yes
 		revised No S3‑253039  
    S3‑253039 Add security assumptions for SAT_ph4_Sec sid China Telecommunications Corp. other - Yes
Yes
 		endorsed No   S3‑252721
    S3‑252625 New key issue on UE security context synchronization in S&F Satellite operation ZTE Corporation other Approval Yes
Yes
 		merged No S3‑253041  
    S3‑252744 New Key issue on security protection in split MME architecture OPPO other Approval Yes
Yes
 		merged No S3‑253041  
    S3‑252748 New KI for TR Satellite Phase 4 CATT, Sateliot, Novamint other Approval Yes
Yes
 		revised No S3‑253041  
    S3‑253041 New KI for TR Satellite Phase 4 CATT, Sateliot, Novamint other Approval Yes
Yes
 		endorsed No   S3‑252748
    S3‑252776 New Key Issue on Security protection for Multi-Satellites Store and Forward Operation in Split MME Architecture Huawei, HiSilicon other Approval Yes
Yes
 		merged No S3‑253041  
    S3‑253040 Draft TR SAT_ph4_Sec CATT other Endorsement No
Yes
 		email approval No    
6.2 New 5G-Advance SIDs/WIDs S3‑252531 Study on Security aspects of CAPIF Phase 4 Nokia SID new   Yes
Yes
 		revised No S3‑252966  
    S3‑252966 Study on Security aspects of CAPIF Phase 4 Nokia SID new - Yes
Yes
 		agreed No   S3‑252531
    S3‑252574 Discussion of security aspects of SNPN cellular hotspots Cisco Systems Belgium discussion Discussion Yes
Yes
 		noted No    
    S3‑252575 Study on security aspects of SNPN cellular hotspots Cisco Systems Belgium SID new Approval Yes
YesORANGE: business model not clear, we need more information from SA1 and SA2. IT was agreed to send an LS to SA1, SA2 and SA for clarification.
 		revised No S3‑253048  
    S3‑253048 Study on security aspects of SNPN cellular hotspots Cisco Systems Belgium SID new Approval Yes
Yes
 		noted No   S3‑252575
    S3‑252589 New WID on PRINS Refinement CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications WID new Agreement Yes
Yes
 		revised No S3‑252967  
    S3‑252967 New WID on PRINS Refinement CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications WID new Agreement Yes
Yes
 		agreed No   S3‑252589
    S3‑252590 PRINS Refinement CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications draftCR Discussion Yes
Yes
 		noted No    
    S3‑252668 DP Study on best security practice for SBA Huawei, HiSilicon discussion Approval Yes
Yes
 		noted No    
    S3‑252669 SID Study on best security practice for SBA Huawei, HiSilicon SID new Approval Yes
Yes
 		revised No S3‑253052  
    S3‑253052 SID Study on best security practice for SBA Huawei, HiSilicon SID new Approval Yes
Yes
 		agreed No   S3‑252669
    S3‑252687 MPQUIC SID Huawei, HiSilicon SID new Approval Yes
Yes
 		revised No S3‑252961  
    S3‑252961 New SID on providing PSK for MPQUIC/TLS Huawei, HiSilicon SID new Approval Yes
Yes
 		agreed No   S3‑252687
    S3‑252813 Study on Security Aspect of Ambient IoT Services in 5G phase 2 Qualcomm Incorporated SID new Agreement Yes
Yes
 		merged No S3‑252968  
    S3‑252875 New SID on Security of application user consent architecture Ericsson SID new Agreement Yes
Yes
 		noted No    
    S3‑252879 New SID on Security Assurance Specification (SCAS) for Container-based Products Ericsson, Nokia, Nokia Shanghai Bell, BSI SID new Agreement Yes
Yes
 		revised No S3‑252964  
    S3‑252964 New SID on Security Assurance Specification (SCAS) for Container-based Products Ericsson, Nokia, Nokia Shanghai Bell, BSI SID new Agreement Yes
Yes
 		agreed No   S3‑252879
    S3‑252882 New WID on  SCAS for NR Femto China Mobile, CAICT, ZTE, CATT WID new Approval Yes
Yes
 		revised No S3‑252970  
    S3‑252970 New WID on  SCAS for NR Femto China Mobile, CAICT, ZTE, CATT WID new Approval Yes
Yes
 		agreed No   S3‑252882
    S3‑252883 New WID on  SCAS for NR Femto SeGW China Mobile, CAICT, ZTE, CATT WID new Approval Yes
Yes
 		revised No S3‑252971  
    S3‑252971 New WID on  SCAS for NR Femto SeGW China Mobile, CAICT, ZTE, CATT WID new Approval Yes
Yes
 		agreed No   S3‑252883
    S3‑252884 New SID on enhanced security management service about security policy provisioning China Mobile, ZTE, CATT, Johns Hopkins University APL, CAICT, CableLabs, Nokia, China Unicom, China Telecom SID new Approval Yes
Yes
 		revised No S3‑252972  
    S3‑252972 New SID on enhanced security management service about security policy provisioning China Mobile, ZTE, CATT, Johns Hopkins University APL, CAICT, CableLabs, Nokia, China Unicom, China Telecom SID new Approval Yes
Yes
 		noted No   S3‑252884
    S3‑252897 New SID on the security support for the Next Generation Real Time Communication services Phase 3 Ericsson SID new Agreement Yes
Yes
 		noted No    
    S3‑252903 Discussion on Early Detection Framework Based on O&M Logs for Abnormal Access to HSSUDM NTT DOCOMO INC.. discussion   Yes
Yes
 		noted No    
    S3‑252910 R20 Amabient IoT SID OPPO, Huawei SID new Agreement Yes
Yes
 		revised No S3‑252968  
    S3‑252968 R20 Amabient IoT SID OPPO, Huawei SID new Agreement Yes
YesNokia asked to be minuted: the study item is heavily underestimated in time units.
 		agreed No   S3‑252910
    S3‑252902 Discussion on Early Detection Framework Based on O&M Logs for Abnormal Access to HSSUDM NTT DOCOMO INC.. discussion   Yes
Yes
 		withdrawn Yes    
    S3‑253046 LS on business model and architecture for SNPN cellular hotspots Cisco LS out Approval Yes
Yes
 		approved No    
6.3 New 6G SIDs/WIDs S3‑252576 draft 6G Security SID Nokia SID new Agreement Yes
YesNTT-Docomo. ORANGE, Thales: too much detail. NTT-Docomo: some things here read like key issues, work tasks are too specific. It was requested to minute: It was agreed by SA3 that the Study will incorporate high level work tasks (not too detailed or sub-bullets). Apple comsidered that only the two first work tasks were necessary.They found that the work task structure was clear or necessary. The Chair asked for a show of hands. In favour of keeping WT3 and WT4: Cisco, Interdigital, IDEMIA,Nokia, CATT,IDC,CableLabs, DT,Thales,ORANGE, NIST,Ericsson. Qualcomm, Sectra, OTD, China Telecom, China Mobile, SK, Verizon, OPPO, Lenovo, Vivo,Samsung, AT&T, T-Mobile. Apple and Xiaomi opposed to having WT3 and WT4 in the SID.
 		revised No S3‑252973  
    S3‑252973 draft 6G Security SID Nokia SID new Agreement Yes
YesHuawei didn’t find this SID in shape to start working in October. There were many issues about the structure, way of working, etc that needed to be figured out before. This was taken onffline. It was queried how to proceeed with the work. The Chair pointed out the two options: Agreeing the SID: official rapporteur taking the lead. Endorsing the SID: having a moderator like it was done in 5GA. Huawei: too open ended, there is no rush. Not clear what SA3 is going to do without a 6G architecture? NTT-Docomo: we don’t want to agree on a SID but start the work anyway spending TUs? Agree on this now and start the work in October or November. The Chair asked for a show of hands to see the opinion of the group. Agreeing to something this meeting? Ericsson, AT&T, Samsung, NTT-Docomo, T-Mobile, Charter, CMCC, Philips, Verizon, Vivo, OPPO, ZTE, Telecom Italia, Qualcomm, NIST, ORANGE, Thales, Ericsson, CAbleLbas, IDC, DT, Nokia, IDEMIA, CATT, Cisco, John Hopkins, Xiamoi, NTIU,Sectra Endorsing to something this meeting? Huawei, China Telecom Huawei:: we can endorse this and note that potential clarifications and additions are needed to the work tasks. Huawei: SA2 hasn’t decided the timeline of the study yet. There is no clear architecture. Huawei: work tasks too generic, too high level. We don’t even mention authentication in the work tasks. ORANGE: we can discuss some basic security assumptions, TR structure and not to dig into key issues. AT&T: SA2 SID is not very different from this one, and it was agreed. Huawei had a sustained objection on this SID to be agreed. The Chair commented that if endorsed, companies could still bring contributions to the Plenary. ORANGE proposed to send an LS to SA to give the news.
 		endorsed No   S3‑252576
    S3‑252577 Add WT for Study on Security for the 6G System Enhancements Johns Hopkins University APL SID new Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252578 Updates to SA3 Moderator 6G SID Charter Communications, Inc SID new Agreement Yes
Yes
 		merged No S3‑252973  
    S3‑252600 CableLabs revision of SA3 Moderator 6G SID CableLabs SID new Discussion Yes
Yes
 		merged No S3‑252973  
    S3‑252626 ZTE views on draft 6G security SID ZTE Corporation other Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252695 Pseudo-CR on update to 6G general SID China Telecommunications Corp. other Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252733 Revision of draft_6G Security SID v1 vivo SID new Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252757 Updates to draft 6G SID v1 Samsung other Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252790 Revision of draft 6G Security SID for updating WT description CATT SID new Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252794 Revision suggestion on Study on Security for the 6G System Enhancements China Mobile discussion Discussion Yes
Yes
 		noted No    
    S3‑252850 Update to SA3 6G SID Apple SID new   Yes
Yes
 		merged No S3‑252973  
    S3‑252873 Update to draft 6G Security SID Xiaomi Technology discussion Endorsement Yes
Yes
 		noted No    
    S3‑252901 OPPO’s update for draft 6G security SID Guangdong OPPO Mobile Telecom. other Approval Yes
Yes
 		merged No S3‑252973  
    S3‑252912 Cisco revision of draft 6G Security SID Cisco Systems SID new Discussion Yes
Yes
 		merged No S3‑252973  
    S3‑252916 Draft 6G SID change proposal Ericsson Hungary Ltd SID new Agreement Yes
Yes
 		merged No S3‑252973  
    S3‑252643 Discussion on update of 6G SID to avoid false base station attack SK Telecom discussion Approval Yes
Yes
 		noted No    
    S3‑252690 Discussion on Security of 6G System Huawei, HiSilicon discussion Discussion Yes
Yes
 		noted No    
    S3‑252732 Gathering Security Requirements from Other Working Group vivo discussion Information Yes
Yes
 		noted No    
    S3‑252874 Study about PLS for Sensing Cases in 6G OPPO discussion Discussion Yes
Yes
 		noted No    
    S3‑252898 WT proposal on Threat Analysis for 6G Ericsson discussion Endorsement Yes
Yes
 		noted No    
    S3‑252899 Example of a Threat Analysis for 6G Ericsson discussion Information Yes
Yes
 		noted No    
    S3‑252908 Discussion on Security of MAC CE and Lower Layers OPPO, Xidian University discussion Endorsement Yes
Yes
 		noted No    
    S3‑252546 New Study on DNS Security for 6G Core Network Johns Hopkins University APL SID new Approval Yes
YesHuawei: we will deal with DNS security if a key issue about it is found, but we don’t think we should start a whole SID about this. NTT-Docomo: too early for 6G. If for 5GA, it’s another discussion.
 		noted No    
    S3‑252554 New SID on supporting AEAD algorithms KDDI Corporation (TTC) SID new Approval Yes
YesThales asked to add a note on the WID: Key hierarchy includes the full key hierarchy and also the long term key.
 		revised No S3‑253050 S3‑252362
    S3‑253050 New SID on supporting AEAD algorithms KDDI Corporation (TTC) SID new Approval Yes
Yes
 		agreed No   S3‑252554
    S3‑252689 New SID on Multi-Party Trust Model for 6G System Huawei, HiSilicon SID new Approval Yes
Yes
 		noted No    
    S3‑252822 New Study on feasibility of decentralized trust enablement for 6G China Mobile, Johns Hopkins University, Deutsche Telekom SID new Approval Yes
YesWill wait for progress from GSMA and the 6G study.
 		noted No    
    S3‑252555 AEAD TR skeleton KDDI Corporation (TTC) discussion Information Yes
Yes
 		noted No    
    S3‑252556 Pseudo-CR on AEAD TR KDDI Corporation (TTC) discussion   Yes
Yes
 		noted No    
    S3‑252795 New Study on feasibility of decentralized trust enablement for 6G China Mobile SID new   No
Yes
 		withdrawn Yes    
    S3‑253061 Ls on progress of the 6G security Study ORANGE LS out Approval Yes
Yes
 		approved No    
6.4 SIDs/WIDs Prioritization S3‑252911 Rel-20 SA3 Work Planning SA WG3 Chair other Information Yes
Yes
 		revised No S3‑252956  
    S3‑252956 Rel-20 SA3 Work Planning SA WG3 Chair other Information No
Yes
 		noted No   S3‑252911
    S3‑252570 Discussion Paper on Prorization of 5GA SIDs vivo discussion Discussion Yes
Yes
 		noted No    
    S3‑252900 Some considerations about 6G task prioritization Ericsson discussion Discussion Yes
Yes
 		noted No    
7 CVD and research S3‑252509 CVD-2025-0101 - Four critical vulnerabilities in the access control mechanism of the 5G core Network GSMA LS in   Yes
Yes
 		postponed No    
    S3‑252537 LS on ProducerSnssaiList conditions and content Nokia LS out   Yes
Yes
 		merged No S3‑253054  
    S3‑252538 ProducerSnssaiList conditions and content Nokia CR   Yes
Yes
 		merged No S3‑253053  
    S3‑252629 Reply LS to GSMA on CVD-2025-0101 Huawei, HiSilicon LS out Approval Yes
Yes
 		noted No S3‑253054  
    S3‑253054 Reply LS to GSMA on CVD-2025-0101 Huawei, HiSilicon LS out Approval No
Yes
 		withdrawn Yes    
    S3‑252630 Clarification on access token with respect to a list of S-NSSAIs Huawei, HiSilicon CR Agreement Yes
Yes
 		revised No S3‑253053  
    S3‑253053 Clarification on access token with respect to a list of S-NSSAIs Huawei, HiSilicon CR Agreement No
Yes
 		not pursued No   S3‑252630
8 Any Other Business S3‑252504 SA3 meeting calendar SA WG3 Chair, MCC other   No
Yes
 		withdrawn Yes