Tdoc List
2025-08-29 16:07
Agenda | Topic | TDoc | Title | Source | Type | For | Avail | Treated | Decision | Wdrn | Replaced-by | Replaces |
---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Agenda and Meeting Objectives | S3‑252500 | Agenda | SA WG3 Chair | agenda | Yes |
Yes
| approved | No | |||
S3‑252502 | Process for SA3#123 | WG Chair | other | Yes |
Yes
| noted | No | |||||
S3‑252503 | Detailed agenda planning | SA WG3 Chair | other | No |
Yes
| noted | No | |||||
2 | Meeting Reports |   | ||||||||||
2.1 | Previous SA3 meeting report/s and SA report | S3‑252501 | Report from SA3#122 | MCC | report | Yes |
Yes
| approved | No | |||
S3‑252925 | Report from last SA meeting | SA WG3 Chair | report | Information | Yes |
Yes
| revised | No | S3‑253065 | |||
S3‑253065 | Report from last SA meeting | SA WG3 Chair | report | Information | Yes |
Yes
| noted | No | S3‑252925 | |||
2.2 | SA3-LI Report |   | ||||||||||
3 | Reports and Liaisons from other Groups | S3‑252505 | LS on UE parameters update header security | C1-253719 | LS in | Yes |
YesTdoc 924 is a CR related to this issue.
| postponed | No | |||
S3‑252506 | Reply LS on Security related protocol-specific parameters for N6 delay measurement | C3-252543 | LS in | Yes |
Yes
| postponed | No | |||||
S3‑252528 | LS on Security related protocol-specific parameters for N6 delay measurement | Nokia, Nokia Shanghai Bell | LS out | Yes |
YesEricsson: this is out of scope of 3GPP. Huawei agreed with this.
| revised | No | S3‑252927 | ||||
S3‑252927 | LS on Security related protocol-specific parameters for N6 delay measurement | Nokia, Nokia Shanghai Bell | LS out | - | Yes |
Yes
| noted | No | S3‑252528 | |||
S3‑252508 | Reply LS on paging ID length | C4-252466 | LS in | Yes |
YesORANGE: they are still taking about the PLMNID and they don’t seem to be aware of the LS from SA plenary.
| replied to | No | |||||
S3‑252518 | Reply LS on paging ID length | S2-2505793 | LS in | Yes |
Yes
| replied to | No | |||||
S3‑252594 | Reply LS on paging ID length | OPPO | LS out | Approval | Yes |
Yes
| merged | No | S3‑252933 | |||
S3‑252510 | O-RAN ALLIANCE - 3GPP collaboration on PQC | O-RAN-WG11 | LS in | Yes |
Yes
| replied to | No | |||||
S3‑252628 | Reply LS to O-RAN ALLIANCE on PQC | Huawei, HiSilicon | LS out | Approval | Yes |
YesEricsson didn’t find it practical to have a joint meeting with O-RAN.
| revised | No | S3‑252928 | |||
S3‑252928 | Reply LS to O-RAN ALLIANCE on PQC | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| approved | No | S3‑252628 | |||
S3‑252513 | Reply LS on security verification related to NR Femto nodes | R3-254031 | LS in | Yes |
Yes
| replied to | No | |||||
S3‑252602 | Alignment of CAG verification | ZTE | CR | Agreement | Yes |
Yes
| merged | No | S3‑252929 | |||
S3‑252644 | Updates to address comments from RAN in LS R3-254031. | Nokia | CR | Agreement | Yes |
Yes
| merged | No | S3‑252929 | |||
S3‑252678 | Changes based on RAN3 input | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| revised | No | S3‑252929 | |||
S3‑252929 | Changes based on RAN3 input | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | S3‑252678 | |||
S3‑252601 | Reply LS on security verification related to NR Femto nodes | ZTE Corporation | LS out | Approval | Yes |
Yes
| merged | No | S3‑252930 | |||
S3‑252647 | Reply LS to Reply LS on security verification related to NR Femto nodes | Nokia | LS out | Agreement | Yes |
Yes
| merged | No | S3‑252930 | |||
S3‑252677 | Draft Reply LS on security verification related to NR Femto nodes | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| revised | No | S3‑252930 | |||
S3‑252930 | Reply LS on security verification related to NR Femto nodes | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| approved | No | S3‑252677 | |||
S3‑252523 | LS to 3GPP about the external data channel content access requirements | GSMA | LS in | Yes |
Yes
| replied to | No | |||||
S3‑252767 | Reply LS to The External Data Channel Content Access | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| revised | No | S3‑252931 | |||
S3‑252931 | Reply LS to The External Data Channel Content Access | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| approved | No | S3‑252767 | |||
S3‑252849 | Reply GSMA LS about the external data channel content access requirements | Apple | LS out | Yes |
Yes
| merged | No | S3‑252931 | ||||
S3‑252527 | LS to SA WG3: Completion of SA3-LI Cryptographic Inventory | s3i250445 | LS in | Yes |
YesHuawei: the SA3 guidelines on crypto inventory are in a TR, but this is making changes on a normative specification.
Alex (SA3-LI Chair): this CR was already agreed by SA3 by email. I'm ok if SA3 wants to make a CR to their specifications to align. Huawei agreed that a CR would be good.
| noted | No | |||||
S3‑252539 | LS from GSMA NRG to 3GPP SA3 on further refinements of PRINS | GSMA | LS in | Yes |
YesCableLabs had CRs and a mini WID related.
| replied to | No | |||||
S3‑252591 | Reply LS on further refinements of PRINS | CableLabs | LS out | Approval | Yes |
Yes
| revised | No | S3‑253063 | |||
S3‑253063 | Reply LS on further refinements of PRINS | CableLabs | LS out | Approval | Yes |
Yes
| approved | No | S3‑252591 | |||
S3‑252540 | LS reply on authorization and authentication in Avatar communication | S4-251564 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252511 | Reply LS on D2R message size for inventory response | R3-253940 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252512 | Reply LS on signalling feasibility of dataset and parameter sharing | R3-253961 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252516 | Reply LS on stage 1 requirements for the support for PWS over satellite NGRAN in Rel-17 | S2-2505538 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252517 | Reply LS on AI/ML UE sided data collection | S2-2505713 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252519 | LS on Discreet listening | S6-252529 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252521 | Reply LS on OSAppID usage by AppToken use case | SP-250782 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252543 | LS on consent of draft new Recommendation ITU-T Y.3165 (ex Y.CCO-req) “Requirements of orchestration supporting confidential computing for network slices in IMT-2020 networks and beyond” | ITU-T | LS in | Yes |
Yes
| noted | No | |||||
S3‑252545 | 5G-Enabled Timber Manufacturing: Advancing Standards for Digital Traceability, Localization, and Circular Economy Integration | 5G-TIMBER Project Consortium | LS in | Yes |
Yes
| noted | No | |||||
S3‑252514 | LS Response to SA3-LI on RCS lawful intercept requirements (s3i250083) | GSMA | LS in | Yes |
Yes
| noted | No | |||||
S3‑252524 | LS to SA WG1: Identifying a Roamed-In User’s Permanent Subscription Identity by the VPLMN | s3i250440 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252525 | LS to SA WG1: Including a reference to TS 33.126 in TR 22.870 | s3i250441 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252526 | LS to SA WG1: Fixed Wireless Access Stage 1 requirements needed for LI support | s3i250442 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252536 | ProducerSnssaiList conditions and content | Nokia | CR | Yes |
Yes
| withdrawn | Yes | |||||
4 | Rel-19 and Maintenance (pre-Rel-19) |   | ||||||||||
4.1 | Work Items |   | ||||||||||
4.1.1 | Security Aspects of Ambient IoT Services in 5G | S3‑252726 | Resolution of EN’s concerning AIOT authentication and command protection. | Nokia | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |
S3‑252655 | update to authentication procedure | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252848 | Authentication Procedure for Inventory Only | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252558 | Solution update on Authentication | vivo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252611 | Update the clause 5.2 Authentication procedure | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252827 | Pseudo-CR on Addressing EN in AIoT Authentication Procedure | Ericsson | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252806 | Addressing Editor’s Notes in the authentication procedure | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252807 | AIoT specific key bootstrapping procedure | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252836 | Discussion on general procedure of inventory and command | CATT | discussion | Endorsement | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252837 | pCR to TS33.369 Update authentication procedure | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252852 | AIoT TS - Addressing EN on RES generation in Authentication procedure | Apple | pCR | Yes |
Yes
| merged | No | S3‑252942 | ||||
S3‑252853 | AIoT TS - Addressing EN on Authentication anchor in Authentication procedure | Apple | pCR | Yes |
Yes
| merged | No | S3‑252942 | ||||
S3‑252863 | Addressing ENs in AIoT authentication procedure | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252942 | Addressing ENs in AIoT authentication procedure | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| approved | No | S3‑252863 | |||
S3‑252865 | Clarification on the security for group inventory | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252847 | Authentication Procedure for Command | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252754 | Authentication during command procedure | Samsung | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252812 | Adding a description of mutual authentication | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252942 | |||
S3‑252656 | update to the information protection procedure | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| revised | No | S3‑252943 | |||
S3‑252943 | update to the information protection procedure | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| approved | No | S3‑252656 | |||
S3‑252559 | Solution update on command protection | vivo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252612 | Update the clause 5.3.3 Input parameters to integrity algorithm | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252727 | Resolution of EN concerning fixed length ciphertext. | Nokia | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252741 | Update clause 5.3 in TS 33.369 | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252755 | Resolving EN on KAIOTF key | Samsung | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252811 | Updates on the command protection | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252838 | pCR to TS33.369 Update communication procedure | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252866 | Addressing ENs of replay attack | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| merged | No | S3‑252943 | |||
S3‑252560 | Solution update on Privacy in individual and group inventory | vivo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252944 | |||
S3‑252571 | Protection of AIoT device identifier privacy during group inventory | Sony, Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252944 | |||
S3‑252595 | Resolve ENs in Option for Group Inventory Procedure based on filtering | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑252944 | |||
S3‑252605 | resolving ENs for group inventory | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252944 | |||
S3‑252809 | Privacy protection of device ID in group inventory | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| revised | No | S3‑252944 | |||
S3‑252944 | Privacy protection of device ID in group inventory | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| approved | No | S3‑252809 | |||
S3‑252843 | pCR to TS33.369 Group inventory procedure | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252944 | |||
S3‑252572 | Protection of AIoT device identifier privacy during Individual inventory | Sony | pCR | Approval | Yes |
Yes
| revised | No | S3‑252946 | |||
S3‑252946 | Protection of AIoT device identifier privacy during Individual inventory | Sony | pCR | Approval | Yes |
YesShow of hands requested:
Hybrid solution?
Supports --> Lenovo, Sony, ORANGE, T-Mobile, NTT-Docomo, ZTE, Samsung, KPN, Thales, Nokia, IDC, Lenovo.
Doesn’t support --> Huawei, Qualcomm, OPPO, CATT, Ericsson
946 is noted.
| noted | No | S3‑252572 | |||
S3‑252596 | Resolve ENs in Option A Individual Inventory Procedure | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252597 | Resolve ENs in Option B.2 Individual Inventory + Command Procedure | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252606 | resolving ENs for individual inventory option A | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252808 | Privacy protection of device ID in individual inventory | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| revised | No | S3‑252945 | |||
S3‑252945 | Privacy protection of device ID in individual inventory | Sony | pCR | Approval | Yes |
Yes
| approved | No | S3‑252808 | |||
S3‑252845 | pCR to TS33.369 Privacy protection for individual inventory procedure | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252904 | Note for guidance for the individual inventory procedure | Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252603 | Discussion on where to calculate a temp ID | ZTE Corporation | pCR | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252604 | resolving EN on network assigned ID | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252945 | |||
S3‑252731 | Resolving Outstanding Issues for Privacy of AIoT | vivo | discussion | Decision | Yes |
Yes
| noted | No | ||||
S3‑252756 | Structure of the Temporary ID | Samsung | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252779 | Reply LS on paging ID length | CATT | LS out | Approval | Yes |
Yes
| revised | No | S3‑252933 | |||
S3‑252933 | Reply LS on paging ID length | CATT | LS out | Approval | Yes |
Yes
| approved | No | S3‑252779 | |||
S3‑252561 | Reply LS on S3-252518 | vivo | LS out | Approval | Yes |
Yes
| merged | No | S3‑252933 | |||
S3‑252828 | Issues related to paging all devices, and concurrent paging procedures | Ericsson | discussion | Endorsement | Yes |
Yes
| noted | No | ||||
S3‑252829 | LS on Issues related to paging all devices, and concurrent paging procedures | Ericsson | LS out | Approval | Yes |
Yes
| noted | No | ||||
S3‑252613 | Update the scope | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252934 | |||
S3‑252717 | Credential storage and processing of credentials | ORANGE, Thales | pCR | Approval | Yes |
Yes
| merged | No | S3‑252934 | |||
S3‑252728 | Correction of TS to reflect the guidance from SA plenary regarding credential storage and processing | Nokia | pCR | Approval | Yes |
YesDiscussion over whether the TR was ready for approval. ORANGE didn’t find it ready yet.
Once this document was approved, it was agreed to send the TR for approval.
| revised | No | S3‑253059 | |||
S3‑253059 | Correction of TS to reflect the guidance from SA plenary regarding credential storage and processing | Nokia | pCR | Approval | Yes |
Yes
| approved | No | S3‑252728 | |||
S3‑252753 | Resolving EN on credential storage | Samsung | pCR | Approval | Yes |
Yes
| merged | No | S3‑252934 | |||
S3‑252805 | Updates on storage and processing of credentials requirements on the device | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252934 | |||
S3‑252846 | pCR on alignment with SA plenary guidance in SP-250582 | NTT DOCOMO INC. | pCR | Approval | Yes |
Yes
| revised | No | S3‑252934 | |||
S3‑252934 | pCR on alignment with SA plenary guidance in SP-250582 | NTT DOCOMO INC. | pCR | Approval | Yes |
Yes
| approved | No | S3‑252846 | |||
S3‑252867 | Update to AIOT security aspects based on SA guidance | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| merged | No | S3‑252934 | |||
S3‑252885 | PCR-Update clause 4.1 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| revised | No | S3‑253051 | |||
S3‑253051 | PCR-Update clause 4.1 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| approved | No | S3‑252885 | |||
S3‑252557 | Key separation requirements on the AIoT device | vivo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252657 | update to requirement on device | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| revised | No | S3‑252996 | |||
S3‑252996 | update to requirement on device | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| approved | No | S3‑252657 | |||
S3‑252729 | Resolution of EN’s concerning requirements for a random number generator. | Nokia | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252792 | pCR to TS33.369 Update Requirements related to authentication between device and network | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252810 | Updates on command protection in security requirements | Qualcomm Incorporated | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252834 | pCR to TS33.369 Update Requirements for command protection | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252835 | pCR to TS33.369 Update Requirements for identifier privacy | CATT | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252840 | pCR on device identifier privacy requirement | NTT DOCOMO INC. | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252855 | AIoT TS - Security Requirements for AIoT devices | Apple | pCR | Yes |
Yes
| merged | No | S3‑252996 | ||||
S3‑252857 | Update requirements on AIOT privacy | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252864 | Update to the requirements related to the authentication | Beijing Xiaomi Mobile Software | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252878 | Security requirements to AIoT Device | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252886 | PCR-Update clause 4.2.1.4 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| merged | No | S3‑252996 | |||
S3‑252592 | content to clause 4.2.2.1 requirement on authentication | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252997 | |||
S3‑252608 | Update the clause 4.2.2 Requirements on the AIOTF | ZTE Corporation | pCR | Approval | Yes |
Yes
| revised | No | S3‑252997 | |||
S3‑252997 | Update the clause 4.2.2 Requirements on the AIOTF | ZTE Corporation | pCR | Approval | Yes |
Yes
| approved | No | S3‑252608 | |||
S3‑252658 | update to requirement on AIOTF | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252997 | |||
S3‑252854 | AIoT TS - Security Requirements for AIOTF | Apple | pCR | Yes |
Yes
| merged | No | S3‑252997 | ||||
S3‑252887 | PCR-Update clause 4.2.3 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| revised | No | S3‑252998 | |||
S3‑252998 | PCR-Update clause 4.2.3 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| approved | No | S3‑252887 | |||
S3‑252609 | Update the clause 4.2.3 Requirements on the ADM | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252998 | |||
S3‑252659 | update to requirement on ADM | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252998 | |||
S3‑252844 | Security requirements to AIOT ADM | OPPO | pCR | Approval | Yes |
Yes
| merged | No | S3‑252998 | |||
S3‑252856 | AIoT TS - Security Requirements for ADM | Apple | pCR | Yes |
Yes
| merged | No | S3‑252998 | ||||
S3‑252610 | Update the clause 4.2.4 Security Requirements on the NG-RAN | ZTE Corporation | pCR | Approval | Yes |
Yes
| merged | No | S3‑252999 | |||
S3‑252660 | update to requirement on NG-RAN | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| merged | No | S3‑252999 | |||
S3‑252880 | Security requirements to AIoT NG RAN | OPPO | pCR | Approval | Yes |
Yes
| revised | No | S3‑252999 | |||
S3‑252999 | Security requirements to AIoT NG RAN | OPPO | pCR | Approval | Yes |
Yes
| approved | No | S3‑252880 | |||
S3‑252888 | PCR-Update clause 4.2.4 of TS 33.369 | China Mobile | pCR | Approval | Yes |
Yes
| merged | No | S3‑252999 | |||
S3‑252607 | abbr and edtorial update to TS 33.369 | ZTE Corporation | pCR | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252661 | New clause for security related services | Huawei, HiSilicon, Lenovo | pCR | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252909 | Outstanding Issues in AIoT | OPPO | discussion | Endorsement | Yes |
YesCMCC wanted to extend the scope to any kind of 5G private network.
ORANGE,NTT-Docomo: private networks in 3GPP are NPN.
The Chair proposed to make changes in the WID, TS and scope to reflect these changes. This was agreed.
AUTHENTICATION FOR THE INVENTORY PROCEDURE
There was a show of hands in the following options for authentication during the inventory procedure:
Root key:
Lenovo, CMCC, Sony,Apple, OPPO, Vivo,Xiaomi, Ericsson, Huawei, CATT, Nokia, Thales
Intermediate key:
NTT-Docomo, ZTE, Qualcomm, Phillips, KPN
The Chair suggested going for the Root Key option, and adding that there will be a single root key per UE per security domain.
On question 4: whether device generated RAND is needed during group inventory procedure. It was pointed out that there should be a distinction between individual inventory and group inventory.
Show of hands for group inventory:
Needed: CMCC, Phillips, Vivo, OPPO, Apple,Huawei, Nokia, Ericsson,Xiaomi, CATT,ZTE
Not needed: Sony, ORANGE, Thales, Lenovo.
On question 4: whether device generated RAND is needed for authentication during the inventory procedure. Individual inventory. Show of hands:
In favour: Lenovo, Phillips, Vivo, NTT-Docomo, Apple, Xiaomi, ZTE, OPPO, Qualcomm, Huawei, CATT, Ericsson
Against: ORANGE, Sony, Thales, CMCC.
The Chair suggested to go for using the RAND. Qualcomm sustained their objection.
On question 3: whether ADM or AIOTF performs RES comparison, the Chair proposed another show of hands.
ADM performs RES comparison: Sony, Xiaomi, Lenovo, CATT, Apple, Qualcomm.
AiOTF: CMCC, ORANGE, Vivo, OPPO, ZTE, Thales, Huawei, Ericsson, Nokia, Philips.
The Chair suggested going for the AiOTF performign the RES comparisons.
Question 2: RAND generated at the ADM or AiOTF.
ADM: NTT-Docomo, Lenovo, CMCC, OPPO, Vivo, Apple, Qualcomm, ORANGE, Thales, Ericsson, Huawei, CATT.
AiOTF: Sony, Xiaomi, ZTE.
The Chair suggested that the ADM generated the RAND.
AUTHENTICATION FOR THE COMMAND PROCEDURE
ORANGE: these questions aren't security specific, these are designed to choose a solution so let's vote o nthe solutions.
Question 2 show of hands: network authentication explicit or implicit?
Explicit: OPPO
Implicit: Sony, Huawei, Lenovo, Vivo, CMCC, CATT,Xiaomi, Samsung, Qualcomm, Ericsson.
The Chair suggested to have the network authentication implicit.This was the way forward.
Question 3: replay protection needed? SA3 assumes there is only one command. This was agreed.
Multiple command: it becomes too complex.
ID PROTECTION
Xiaomi: we should ask whether ID protection is supported or not.
Agreed questions beforehand:
Privacy protection needed to be specified in Rel-19?
Not needed --> Xiaomi, Huawei, ORANGE, OPPO
Needed to be specified and mandatory? Lenovo, NTT-Docomo, Sony, Ericsson
Needed and optional? ORANGE, CMCC, CATT,OPPO,Vivo, Samsung, ZTE, KPN, ORANGE, Thales, Huawei, Nokia. CATT, Qualcomm, Apple
The Chair suggested to specify privacy protection in Rel-19 and optional.
Question 1-->
Root key used for verifying temp ID? Lenovo, OPPO, Huawei, Sony, Nokia, CATT, CMCC, Phillips, Ericsson, Vivo, Qualcomm
Intermediate key? NTT-Docomo, ZTE, ORANGE
The Chair suggested to go for the root key. This was approved as way forward.
Question 2--> Huawei, Qualcomm commented that this wasn’t needed anymore.
Question 3--> Addressing scenario of multiple fake paging requests?
| noted | No | ||||
S3‑252507 | Reply LS on AIoT device identifier length | C4-252465 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252515 | Reply to LS on power and energy consumption budget for security features in A-IoT | RP-251886 | LS in | Yes |
YesORANGE: RAN2 making decisions about AS security? This is up to SA3.
| noted | No | |||||
S3‑252520 | Reply LS on secure storage and processing of credentials for AIoT | ETSI TC SET | LS in | Yes |
Yes
| replied to | No | |||||
S3‑252522 | LS on AIoT device credentials storage | SP-250852 | LS in | Yes |
Yes
| noted | No | |||||
S3‑252593 | Resolve ENs on device security storage of credentials | OPPO | pCR | Approval | No |
Yes
| withdrawn | Yes | ||||
S3‑252730 | LS reply to LS on secure storage and processing of credentials for AIoT | Nokia | LS out | Approval | Yes |
Yes
| revised | No | S3‑252932 | |||
S3‑252932 | LS reply to LS on secure storage and processing of credentials for AIoT | Nokia | LS out | Approval | Yes |
Yes
| approved | No | S3‑252730 | |||
S3‑252889 | Update clause 4.2.2 of TS 33.369 | China Mobile | pCR | Approval | No |
Yes
| withdrawn | Yes | ||||
S3‑252935 | Revised WID AmbientIoT-SEC | OPPO | WID revised | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252941 | Draft TS 33.369 | OPPO | draft TS | Approval | No |
Yes
| email approval | No | ||||
S3‑253047 | Reply LS on security parameter in paging request message | R2-2506465 | LS in | discussion | Yes |
Yes
| noted | No | ||||
S3‑253060 | Cover sheet TS 33.369 | OPPO | TS or TR cover | Approval | Yes |
Yes
| approved | No | ||||
4.1.2 | All other WIs (not listed above) | S3‑252614 | Update the description of the Femto architecture | ZTE | CR | Agreement | Yes |
Yes
| agreed | No | ||
S3‑252646 | Figure 4.1.1 updates missing from CR S3-252011 | Nokia | CR | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252688 | Editorial change to clause 5.1 in TS 33544 | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | ||||
S3‑252736 | Remove duplicated descriptions about authorization in multi-hop relay | China Telecom | CR | Yes |
YesIssues on the cover page.
| revised | No | S3‑252969 | ||||
S3‑252969 | Remove duplicated descriptions about authorization in multi-hop relay | China Telecom | CR | - | Yes |
Yes
| agreed | No | S3‑252736 | |||
S3‑252839 | Revision of two errors in TS 33.501 | China Mobile Com. Corporation | CR | Approval | Yes |
Yes
| agreed | No | ||||
S3‑252842 | Processing and storage capabilities on board satellites | Thales | CR | Agreement | Yes |
YesT-Mobile: remove the "may" as it sounds normative.
| revised | No | S3‑252936 | |||
S3‑252936 | Processing and storage capabilities on board satellites | Thales | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252842 | |||
S3‑252747 | Correction of PKIHeader | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252749 | Correction of PKIHeader | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252573 | IANA registration information for ACME | Google Korea LLC | CR | Approval | Yes |
Yes
| revised | No | S3‑252937 | |||
S3‑252937 | IANA registration information for ACME | Google Korea LLC | CR | Approval | Yes |
Yes
| agreed | No | S3‑252573 | |||
S3‑252662 | Clarification on X.12 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| revised | No | S3‑252938 | |||
S3‑252938 | Clarification on X.12 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252662 | |||
S3‑252833 | Supplement to TS 33.501: privacy-preserving sample alignment for VFL participants via NEF | China Mobile Com. Corporation | CR | Approval | Yes |
YesEricsson disagreed: this maintenance CR is introducing a new solution for a study that was closed. Nokia supported this.
Huawei: not a correction.
ZTE,Vivo: not needed.
| not pursued | No | ||||
S3‑252535 | Reference update | Nokia | CR | Yes |
Yes
| agreed | No | |||||
S3‑252631 | Removing EN in clause 6.5.3.4 of TS 33.122 | Huawei, HiSilicon | CR | Agreement | Yes |
YesNokia didn’t agree with removing the Ens.
| revised | No | S3‑252939 | |||
S3‑252939 | Removing EN in clause 6.5.3.4 of TS 33.122 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252631 | |||
S3‑252782 | Security of Open Discover Service APIs Procedure | Ericsson | CR | Agreement | Yes |
YesHuawei: never discussed in the study, we need a WID for this. We finished the CAPIF WID already.
Lenovo agreed that this wasn't studied at all.
Xiaomi: move this to CAPIF phase 4.
| not pursued | No | ||||
S3‑252862 | Resolve EN related to purpose of data processing | Xiaomi, Nokia | CR | Agreement | Yes |
Yes
| merged | No | S3‑252939 | |||
S3‑252876 | Updating tables for token claims and access token request | Ericsson | CR | Agreement | Yes |
YesNokia: I want to see alignment with CT3.
| revised | No | S3‑252940 | |||
S3‑252940 | Updating tables for token claims and access token request | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252876 | |||
S3‑252877 | Clarification on interaction with the resource owner | Ericsson, AT&T | CR | Agreement | Yes |
YesHuawei disagreed with this change.
Lenovo: this is not clarifying the issue.
Nokia: if the update is needed, let's do it in phase 4.
| not pursued | No | ||||
S3‑252814 | Mandating AEAD ciphersuites for TLS 1.2 | Qualcomm Incorporated | CR | Agreement | Yes |
YesPhillips had issues with this and the following CRs on the subject.
Ericsson also had issues and proposed to postpone to have more time to analyse it.
| not pursued | No | ||||
S3‑252815 | Addressing ambiguities in clause 6.2.3 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252816 | Addressing ambiguities in clause 6.2.3 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252817 | Addressing ambiguities in clause 6.2.3 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252553 | Clarification on N6 delay measurement security | Ericsson | CR | Agreement | Yes |
YesConcerns from Niokia. Out of scope of what was done in the study.
| not pursued | No | ||||
S3‑252891 | Security of IMS avatar communication - receiving UE ID verification | Philips International B.V. | draftCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252892 | Security of IMS avatar communication - providing the authorization token to the receiving UE | Philips International B.V. | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253056 | |||
S3‑253056 | Security of IMS avatar communication - providing the authorization token to the receiving UE | Philips International B.V. | draftCR | Approval | Yes |
Yes
| approved | No | S3‑252892 | |||
S3‑252894 | Living document for NG_RTC_SEC_Ph2: draftCR to TS 33.328, Security of IMS avatar communication | Ericsson, Huawei, HiSilicon, Nokia, Nokia Shanghai Bell, Philips International B.V. | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253057 | |||
S3‑253057 | Living document for NG_RTC_SEC_Ph2: draftCR to TS 33.328, Security of IMS avatar communication | Ericsson, Huawei, HiSilicon, Nokia, Nokia Shanghai Bell, Philips International B.V. | draftCR | Approval | No |
Yes
| email approval | No | S3‑252894 | |||
S3‑252653 | Security handling where CU is acting as MN and SN is unchanged | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | ||||
S3‑252654 | editorial change and alignment to LTM procedure | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| revised | No | S3‑252947 | |||
S3‑252947 | editorial change and alignment to LTM procedure | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | S3‑252654 | |||
S3‑252738 | NSCI handling during LTM procedure | LG Electronics | CR | Approval | Yes |
Yes
| agreed | No | ||||
S3‑252739 | Clarification on handling mismatch of security capabilities | LG Electronics | CR | Approval | Yes |
Yes
| merged | No | S3‑252947 | |||
S3‑252751 | Correction to security mechanism and procedures for L1/L2 Triggered Mobility | Samsung | CR | Agreement | Yes |
Yes
| revised | No | S3‑252948 | |||
S3‑252948 | Correction to security mechanism and procedures for L1/L2 Triggered Mobility | Samsung | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252751 | |||
S3‑252752 | Revised WID on security aspects of NR mobility enhancement | Samsung | WID revised | Approval | Yes |
Yes
| noted | No | ||||
S3‑252787 | Modification on the description of Nnrf_AccessToken_RetrieveKey Service Operation | Huawei, HiSilicon | CR | Agreement | Yes |
YesNokia proposed to reword the definition instead.
Ericsson didn’t agree with the CR.
| revised | No | S3‑252949 | |||
S3‑252949 | Modification on the description of Nnrf_AccessToken_RetrieveKey Service Operation | Huawei, HiSilicon | CR | Agreement | No |
Yes
| not pursued | No | S3‑252787 | |||
S3‑252917 | Firmware/BIOS acces to Privileged Users | Department of Telecom | CR | Approval | Yes |
YesEricsson didn’t agree with this change.
| not pursued | No | ||||
S3‑252974 | Firmware/BIOS acces to Privileged Users | Department of Telecom | draftCR | Approval | Yes |
Yes
| approved | No | ||||
S3‑252803 | Correcting the RRC replay test case to remove the UP packets text | Qualcomm Incorporated | CR | Agreement | Yes |
YesTdoc 588 (MITRE) made a similar change for Rel-20.
| revised | No | S3‑252950 | |||
S3‑252950 | Correcting the RRC replay test case to remove the UP packets text | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252803 | |||
S3‑252804 | Correcting the UP replay test case to remove the response messages | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| revised | No | S3‑252951 | |||
S3‑252951 | Correcting the UP replay test case to remove the response messages | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252804 | |||
S3‑252541 | Revision of TS 33.326 Rel 17 | T-Mobile USA Inc., Ericson | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252542 | Revision of TS 33.326 Rel 18 | T-Mobile USA Inc. | CR | Approval | Yes |
YesHuawei preferred to see this in Rel-18 only.
| agreed | No | ||||
S3‑252582 | Correct mutual authentication requirement | MITRE-FFRDC | CR | Approval | Yes |
YesHuawei didn’t find this necessary.
| revised | No | S3‑252952 | |||
S3‑252952 | Correct mutual authentication requirement | MITRE-FFRDC | CR | Approval | Yes |
Yes
| agreed | No | S3‑252582 | |||
S3‑252796 | Ensuring the AMF selects an algorithm supported by the UE | Qualcomm Incorporated | CR | Agreement | Yes |
YesEricsson: impact on stage 3?
Huawei: we are not in favour of touching this old text unless there is confusion in stage 3. Otherwise, they suggested a rewording.
| revised | No | S3‑252953 | |||
S3‑252953 | Ensuring the AMF selects an algorithm supported by the UE | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252796 | |||
S3‑252797 | Clarifications for the AS algorithm selection text | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| revised | No | S3‑252954 | |||
S3‑252954 | Clarifications for the AS algorithm selection text | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252797 | |||
S3‑252798 | Correcting the message names in the inactive to connected state change | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252799 | Correct the keynames in clause 6.9.4.1 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| agreed | No | ||||
S3‑252800 | Correcting the storage of EPS NAS algorithms | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252801 | Clarifying algorithm selection in clause 8.4.2 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252802 | Clarifying the handling of the selected EPS NAS algorithms | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252823 | JWS profile requirements alignment by use case | Ericsson | CR | Agreement | Yes |
Yes
| revised | No | S3‑252955 | |||
S3‑252955 | JWS profile requirements alignment by use case | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252823 | |||
S3‑252824 | New JWS profile for access tokens | Ericsson | CR | Agreement | Yes |
YesHuawei: x5t is not mentioned anywhere in 3GPP. We don’t agree with it.
NCSC: we can introduce it and mention it.
| merged | No | S3‑252955 | |||
S3‑252825 | JWE profile requirements alignment by use case | Ericsson | CR | Agreement | Yes |
Yes
| revised | No | S3‑253033 | |||
S3‑253033 | JWE profile requirements alignment by use case | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252825 | |||
S3‑252826 | Remove duplicate JWE requirements for N32 interface | Ericsson | CR | Agreement | Yes |
Yes
| revised | No | S3‑253034 | |||
S3‑253034 | Remove duplicate JWE requirements for N32 interface | Ericsson | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252826 | |||
S3‑252924 | Alignment CR for UPU Header Security | Lenovo | CR | Approval | Yes |
YesEricsson: we usually don’t refer to stage 3. If it's taken care of over there we don’t refer to them.
| revised | No | S3‑252926 | |||
S3‑252926 | Alignment CR for UPU Header Security | Lenovo | CR | Approval | Yes |
Yes
| not pursued | No | S3‑252924 | |||
S3‑252529 | XRM IANA Label registration removal | Nokia | CR | Yes |
YesEricsson didn’t agree with these changes.
| not pursued | No | |||||
S3‑252530 | Forwarding Action Rule procedure correction | Nokia | CR | Yes |
YesEricsson commented that it should be AS instead of AF. They suggested some rewording.
| revised | No | S3‑253058 | ||||
S3‑253058 | Forwarding Action Rule procedure correction | Nokia | CR | - | Yes |
Yes
| agreed | No | S3‑252530 | |||
S3‑252544 | [33.180] Terminology alignment on Logging, Recording, Replay and Discreet Monitoring | Airbus | CR | Approval | No |
Yes
| withdrawn | Yes | ||||
S3‑252734 | Remove duplicated descriptions about authorization in multi-hop relay | China Telecommunications Corp. | CR | Yes |
Yes
| withdrawn | Yes | |||||
S3‑253055 | Security of IMS avatar communication | Ericsson | CR | Agreement | No |
Yes
| email approval | No | ||||
4.2 | Study Items |   | ||||||||||
4.2.1 | Study on security Aspect of Ambient IoT Services in 5G | S3‑252716 | Revision of two errors in TR 33.713 | China Mobile Com. Corporation | pCR | Approval | Yes |
Yes
| approved | No | ||
S3‑252905 | AIoT TR Disclaimer | OPPO, Thales, Orange | pCR | Approval | Yes |
Yes
| approved | No | ||||
S3‑252906 | AIoT TR Clean Up | OPPO | pCR | Approval | Yes |
YesMCC: reword "expected", as the document is finished.
Remove references to SA2 and refer to their TR instead.
ORANGE: no further evaluation is done instead of not addressed.
These changes will be incorporated in the next version of the TR.
| approved | No | ||||
S3‑252907 | Cover for TR 33.713 | OPPO | TS or TR cover | Approval | Yes |
Yes
| revised | No | S3‑253000 | |||
S3‑253000 | Cover for TR 33.713 | OPPO | TS or TR cover | Approval | Yes |
Yes
| approved | No | S3‑252907 | |||
S3‑253001 | Draft TR 33.713 | OPPO | draft TR | Approval | Yes |
Yes
| approved | No | ||||
4.2.2 | All other SIs (not listed above) | S3‑252599 | Editoral change of clause 6.5.1 and add a title for clause 6.6.2 | OPPO, Samsung | CR | Approval | Yes |
Yes
| agreed | No | ||
S3‑252735 | Supplementing TR 33.938 with the SRTP Security Protocol | China Mobile Com. Corporation | CR | Approval | Yes |
YesMCC commented that the SID was over and no new content was allowed. It was agreed that this could go as a correction instead of introduction of a new feature. Some corrections were also suggested to the cover page.
Nokia: remove last line.
Huawei commented that the content should follow the template used in the TR. Tables should also be added.
It was commented that TS 33.328 should be marked as a 5G specification in the Portal.
| not pursued | No | ||||
S3‑252765 | Revision of two errors in TR 33.700-22 | China Mobile Com. Corporation | CR | Approval | Yes |
Yes
| revised | No | S3‑253035 | |||
S3‑253035 | Revision of two errors in TR 33.700-22 | China Mobile Com. Corporation | CR | Approval | Yes |
Yes
| agreed | No | S3‑252765 | |||
S3‑252783 | Reorder table rows alphabetically in TR 33.938 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| merged | No | S3‑253036 | |||
S3‑252784 | Editorial changes to TR 33.938 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| revised | No | S3‑253036 | |||
S3‑253036 | Adding references, formatting tables and providing corrections to 4.2.12 for TR 33.938 | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| agreed | No | S3‑252784 | |||
S3‑252785 | Adding MOBILE protocol to the inventory list | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| not pursued | No | ||||
S3‑252786 | Revision of two errors in TR 33.790 | China Mobile Com. Corporation | CR | Approval | Yes |
Yes
| agreed | No | ||||
S3‑252818 | Adding missing references in 33.938 | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| merged | No | S3‑253036 | |||
S3‑252819 | Minor Typos and Consistency-related Edits | Qualcomm Incorporated | CR | Agreement | Yes |
Yes
| merged | No | S3‑253036 | |||
S3‑252851 | Revise the description on “SMS over NAS” | Apple, Nokia | CR | Yes |
Yes
| merged | No | S3‑253036 | ||||
S3‑253049 | Revise the description on “SMS over NAS” | Apple, Nokia | other | - | No |
Yes
| withdrawn | Yes | ||||
5 | Rel-20 topics |   | ||||||||||
5.1 | Work Items (Approved) |   | ||||||||||
5.1.1 | Security related Events Handling | S3‑252547 | Security related Events Handling | VODAFONE | draft TS | Approval | Yes |
Yes
| approved | No | ||
S3‑252548 | Security related Events Handling Overview | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
YesEricsson: management uses SBMA, not SBA.The caption of the figure reads that this is an example, it could be interpreted as a normative figure; it should be put in an Annex or adding a clarification.
| revised | No | S3‑252992 | |||
S3‑252992 | Security related Events Handling Overview | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| approved | No | S3‑252548 | |||
S3‑252549 | pCR to TS 33.502 - Collection requirements for Security related Events | China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
YesHuawei: implementation specific and ambiguous.Merge in 993.
| merged | No | S3‑252993 | |||
S3‑252550 | pCR to TS 33.502 - Configuration requirements for Security related Events | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
YesHuawei: we prefer to wait for configuration aspects to be clarified by SA5.
| revised | No | S3‑252994 | |||
S3‑252994 | pCR to TS 33.502 - Configuration requirements for Security related Events | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| approved | No | S3‑252550 | |||
S3‑252551 | pCR to TS 33.502 - General requirements for Security related Events | China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| revised | No | S3‑252993 | |||
S3‑252993 | pCR to TS 33.502 - General requirements for Security related Events | China Mobile, AT&T, Vodafone, T-Mobile US, NTT DOCOMO, BT, Verizon, Telecom Italia, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| approved | No | S3‑252551 | |||
S3‑252552 | pCR to TS 33.502 - Delivery requirements for Security related Events | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| revised | No | S3‑252995 | |||
S3‑252995 | pCR to TS 33.502 - Delivery requirements for Security related Events | Vodafone, Verizon, T-Mobile US, CMCC, NTT DOCOMO, Telecom Italia, AT&T, BT, Charter Communications, Deutsche Telekom | pCR | Approval | Yes |
Yes
| approved | No | S3‑252552 | |||
S3‑252725 | pCR for security related events requirements in TS 33.502 | China Telecom Corporation Ltd. | pCR | Approval | Yes |
YesEricsson: configuration capability term is unclear.
| merged | No | S3‑252994 | |||
S3‑252895 | Pseudo-CR on security related event requirements | Ericsson | pCR | Approval | Yes |
YesHuawei: better not to start numbering requirements, we don’t do this.
Vodafone:security related events, don't mention event logs.
Vodafone: let's split the content. First requirement in 993, second in 994 and third requirement in the revision of 552.
| merged | No | S3‑252994 | |||
S3‑252896 | Pseudo-CR on protection of security related events | Ericsson | pCR | Approval | Yes |
Yes
| merged | No | S3‑252995 | |||
S3‑252923 | pCR for TS 33.502 - Security related Events Requirement for Retention | IIT Bombay | pCR | Approval | Yes |
YesHuawei: it's too implementation specific. SA5 will be looking into this. I propose to wait and learn more about the configuration without speculating how SA5 is going to do this.
| merged | No | S3‑252994 | |||
S3‑252913 | pCR to TS 33.502 - Security related Events for Reconnaissance | IIT Bombay | pCR | Approval | Yes |
YesHuawei: too much content and mixing up concepts. This is going a bit beyond the scope of the WID (TLS handshake is not in scope).
| noted | No | ||||
S3‑252914 | pCR to TS 33.502 - Security related Events for Patch Updates | IIT Bombay | pCR | Approval | Yes |
YesEricsson wasn’t sure that this was in scope of the WID.Huawei agreed.
| noted | No | ||||
S3‑252915 | pCR to TS 33.502 - Security related Events for Authorization and Authentication | IIT Bombay | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252750 | Security related events for API security risks | Nokia | pCR | Approval | Yes |
YesHuawei: out of scope of the WID.Ericsson supported this comment.
| noted | No | ||||
S3‑252627 | pCR for security related events requirements in TS 33.502 | China Telecom Corporation Ltd. | pCR | Yes |
Yes
| withdrawn | Yes | |||||
S3‑252991 | Draft TS 33.502 | Vodafone | draft TS | Approval | No |
Yes
| email approval | No | ||||
5.1.2 | New WID on Mission Critical security | S3‑252676 | Clarification about security for MC over IOPS | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| revised | No | S3‑253002 | |
S3‑253002 | Clarification about security for MC over IOPS | Huawei, HiSilicon | CR | Agreement | No |
YesPostponed to the next meeting.
| not pursued | No | S3‑252676 | |||
S3‑252788 | Providing additional clarifications on MCData for Overview, Key management and One to-one- Communications subclauses based on TS 23.280 | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| revised | No | S3‑252985 | |||
S3‑252985 | Providing additional clarifications on MCData for Overview, Key management and One to-one- Communications subclauses based on TS 23.280 | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | S3‑252788 | |||
S3‑252789 | Adding a new subclause on Private One-to-One and Point-to-Point MCData communications to the MCData clause | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| revised | No | S3‑252986 | |||
S3‑252986 | Adding a new subclause on Private One-to-One and Point-to-Point MCData communications to the MCData clause | Huawei, HiSilicon | CR | Approval | Yes |
Yes
| agreed | No | S3‑252789 | |||
5.1.3 | New WID on Security Assurance Specification for 5G-Advanced | S3‑252579 | Add test case on access token subject verification | MITRE-FFRDC, US National Security Agency | CR | Approval | Yes |
Yes
| not pursued | No | ||
S3‑253015 | Add test case on access token subject verification | MITRE-FFRDC, US National Security Agency | other | Approval | Yes |
YesThe content will be merged into the living document.
| approved | No | ||||
S3‑252580 | Add a threat on access token subject verification | MITRE-FFRDC, US National Security Agency | CR | Approval | Yes |
YesContent is agreed and will go to the draft C in S3-253017.
| not pursued | No | ||||
S3‑252581 | Discussion on update of SCAS access token verification | MITRE-FFRDC | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252583 | Update TC on account protection | MITRE-FFRDC, Deutsche Telekom, BSI (DE) | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252584 | Correct test case on GTP filtering | MITRE-FFRDC, Deutsche Telekom, BSI (DE) | CR | Approval | Yes |
YesContent is agreed and merged in to the draft CR.
| not pursued | No | ||||
S3‑252585 | Update TC on unnecessary services to include SS7 and SIGTRAN | MITRE-FFRDC, Deutsche Telekom, BSI (DE) | CR | Approval | Yes |
YesContent is agreed and merged in to the draft CR.
| not pursued | No | ||||
S3‑252586 | Update TC on Security event logging to include sensitive file access | MITRE-FFRDC, Deutsche Telekom, BSI (DE) | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252587 | Update TC on restricted reachability of services | MITRE-FFRDC | CR | Approval | Yes |
Yes
| revised | No | S3‑253018 | |||
S3‑253018 | Update TC on restricted reachability of services | MITRE-FFRDC | CR | Approval | Yes |
YesContent is agreed and merged in to the draft CR.
| not pursued | No | S3‑252587 | |||
S3‑252588 | Correction of TC on gNB replay protection | MITRE-FFRDC | CR | Approval | Yes |
Yes
| merged | No | S3‑252950 | |||
S3‑252696 | Clarification on SMP | China Telecommunications Corp.,CAICT | CR | Approval | Yes |
Yes
| withdrawn | Yes | ||||
S3‑252697 | Clarification on expected results for synchronization failure handling | China Telecom, CAICT | CR | Approval | Yes |
YesConverted into a living document in 3019.
| not pursued | No | ||||
S3‑253019 | Living document TS 33.512 SCAS | Huawei | draftCR | Approval | No |
Yes
| email approval | No | ||||
S3‑252698 | Adding NOTE to web server tests related to configuration files | BSI (DE) | CR | Approval | Yes |
Yes
| revised | No | S3‑253020 | |||
S3‑253020 | Adding NOTE to web server tests related to configuration files | BSI (DE) | CR | Approval | Yes |
YesContent is agreed and merged into the draft CR.
| not pursued | No | S3‑252698 | |||
S3‑252699 | Clarification of TC_IE_VALUE_FORMAT | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| revised | No | S3‑253021 | |||
S3‑253021 | Clarification of TC_IE_VALUE_FORMAT | BSI (DE), Montsecure | CR | Approval | Yes |
YesContent is agreed and merged into the draft CR.
| not pursued | No | S3‑252699 | |||
S3‑252700 | Clarification of HTTP response codes for TC_NO_UNUSED_HTTP_METHODS | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252701 | Correction of test names and references in 33.216 | BSI (DE) | CR | Approval | Yes |
Yes
| revised | No | S3‑253022 | |||
S3‑253022 | Correction of test names and references in 33.216 | BSI (DE) | CR | Approval | Yes |
YesCotent will be merged into the draft CR.
| not pursued | No | S3‑252701 | |||
S3‑252702 | Adaption of test steps according to requirements in 33.216 | BSI (DE) | CR | Approval | Yes |
YesContent merged into the living document
| not pursued | No | ||||
S3‑252703 | Correction of references in 33.511 | BSI (DE) | CR | Approval | Yes |
YesContent merged into the living document.
| not pursued | No | ||||
S3‑252704 | Clarification of TC_SYNC_FAIL_SEAF_AMF | BSI (DE), Montsecure | CR | Approval | Yes |
YesContent merged into the living document.
| not pursued | No | ||||
S3‑252705 | Add test cases to ensure protection of initial NAS message in registration procedure | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| revised | No | S3‑252893 | |||
S3‑252706 | Add test case that verifies if the AUSF processes RES* failures correctly | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252707 | Add threat description about the implications of the AUSF not validating RES* correctly | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252708 | New NRF test case for validating timestamp of CCA | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑253026 | New NRF test case for validating timestamp of CCA | BSI (DE), Montsecure | other | Approval | Yes |
Yes
| approved | No | ||||
S3‑252709 | Add additional TLS tests to TC_CP_AUTH_AF_NEF | BSI (DE) | CR | Approval | Yes |
Yes
| not pursued | No | ||||
S3‑252718 | Clarification on SMP | China Telecom, CAICT | CR | Approval | Yes |
Yes
| revised | No | S3‑253028 | |||
S3‑253028 | Clarification on SMP | China Telecom, CAICT | CR | Approval | Yes |
YesMerged into the living document,
| not pursued | No | S3‑252718 | |||
S3‑252771 | Corrections to 33.513 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253029 | |||
S3‑253029 | Corrections to 33.513 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| approved | No | S3‑252771 | |||
S3‑252772 | Corrections to 33.514 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253030 | |||
S3‑253030 | Corrections to 33.514 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| approved | No | S3‑252772 | |||
S3‑252773 | Distinguishing headings and rephrasing to 33.514 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253031 | |||
S3‑253031 | Distinguishing headings and rephrasing to 33.514 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| approved | No | S3‑252773 | |||
S3‑252774 | Corections to 33.512 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253032 | |||
S3‑253032 | Corections to 33.512 based on GSMA NESASG agreements | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| approved | No | S3‑252774 | |||
S3‑252775 | Introducing the threat to AMF which was approved but not implemented in 33.926 | Huawei, HiSilicon, CAICT | draftCR | Approval | Yes |
Yes
| revised | No | S3‑253017 | |||
S3‑253017 | Living document for TR 33.926 | Huawei, HiSilicon, CAICT | draftCR | Approval | No |
Yes
| email approval | No | S3‑252775 | |||
S3‑252893 | Add test cases to ensure protection of initial NAS message in registration procedure | BSI (DE), Montsecure | CR | Approval | Yes |
Yes
| revised | No | S3‑253025 | S3‑252705 | ||
S3‑253025 | Add test cases to ensure protection of initial NAS message in registration procedure | BSI (DE), Montsecure | CR | Approval | Yes |
YesContent merged into the living document.
| not pursued | No | S3‑252893 | |||
S3‑253016 | Draft CR on SCAS Rel-20 TS 33.117 | Huawei | draftCR | Approval | No |
Yes
| email approval | No | ||||
S3‑253023 | Living document for TS 33.216 | Huawei | draftCR | Approval | No |
Yes
| email approval | No | ||||
S3‑253024 | Living document for TS 33.511 | Huawei | draftCR | Approval | No |
Yes
| email approval | No | ||||
S3‑253027 | Living document 33.518 | Huawei | draftCR | Approval | No |
Yes
| email approval | No | ||||
5.2 | Study Items (Approved) |   | ||||||||||
5.2.1 | Study on transitioning to Post Quantum Cryptography (PQC) in 3GPP | S3‑252632 | Skeleton for TR 33.703 | Huawei, HiSilicon, Qualcomm Incorporated | draft TR | Approval | Yes |
Yes
| approved | No | ||
S3‑252633 | Scope of TR 33.703 | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| revised | No | S3‑252976 | |||
S3‑252976 | Scope of TR 33.703 | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| approved | No | S3‑252633 | |||
S3‑252740 | Scope update | LG Electronics | pCR | Approval | Yes |
Yes
| merged | No | S3‑252976 | |||
S3‑252634 | Assumption text for TR 33.703 | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| merged | No | S3‑252977 | |||
S3‑252724 | Architecture Assumptions | Nokia | pCR | Approval | Yes |
Yes
| merged | No | S3‑252977 | |||
S3‑252830 | Pseudo-CR on assumptions of the PQC study | Ericsson | pCR | Approval | Yes |
Yes
| revised | No | S3‑252977 | |||
S3‑252977 | Pseudo-CR on assumptions of the PQC study | Ericsson | pCR | Approval | Yes |
Yes
| approved | No | S3‑252830 | |||
S3‑252638 | Description of PQC security level | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| revised | No | S3‑252978 | |||
S3‑252978 | Description of PQC security level | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| approved | No | S3‑252638 | |||
S3‑252758 | Pseudo-CR on Principles and attributes of PQC | Samsung | pCR | Approval | Yes |
Yes
| merged | No | S3‑252978 | |||
S3‑252763 | Impact of PQC algorithm transitioning on terminals | China Mobile Com. Corporation | pCR | Approval | Yes |
YesQualcomm, Nokia didn’t see where this could fit into the TR.
| noted | No | ||||
S3‑252667 | PQC Migration of different functionalities in authenticated key exchange protocols (e.g. IKEv2, TLS) | Huawei, HiSilicon | pCR | Approval | Yes |
YesNokia: Key exchange, certificate management are impactged by the harvest now decypt later attack. This needs rewording.
| revised | No | S3‑252979 | |||
S3‑252979 | PQC Migration of different functionalities in authenticated key exchange protocols (e.g. IKEv2, TLS) | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| noted | No | S3‑252667 | |||
S3‑252791 | Pseudo-CR on Usage mode of quantum-safe cryptographic algorithms in 6G systems | China Mobile | pCR | Approval | Yes |
Yes
| merged | No | S3‑252978 | |||
S3‑252793 | Pseudo-CR on Crypto Agility | China Mobile | pCR | Approval | Yes |
YesORANGE: this should be G-agnostic. Remove the normative statement with the shall.
Qualcomm: 3GPP will not do anything related to crypto-agility. CMCC replied that it is planned to have this in 6G. It was decided to remove this reference.
| revised | No | S3‑252980 | |||
S3‑252980 | Pseudo-CR on Crypto Agility | China Mobile | pCR | Approval | Yes |
Yes
| noted | No | S3‑252793 | |||
S3‑252666 | General description for clause 6.1 | Huawei, HiSilicon | pCR | Approval | Yes |
YesQualcomm: we disagree with any prioritization.
Nokia: I have an issue with referring to mature specifications.
| noted | No | ||||
S3‑252820 | Discussion on PQC Transition for TLS | Qualcomm Incorporated | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252831 | Pseudo-CR on updating TLS for PQC | Ericsson | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252981 | Pseudo-CR on updating TLS for PQC | Ericsson | pCR | Approval | No |
Yes
| withdrawn | Yes | ||||
S3‑252821 | Discussion on PQC Transition for JWE and JWS | Qualcomm Incorporated | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252832 | Pseudo-CR on updating JOSE and COSE for PQC | Ericsson | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252665 | PQC migration for PKI certificates | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| revised | No | S3‑252982 | |||
S3‑252982 | PQC migration for PKI certificates | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| noted | No | S3‑252665 | |||
S3‑252720 | New Key issue for PQC Key Exchange and Digital Signatures | Nokia | pCR | Approval | Yes |
YesQualcomm: where do we put this in the TR?
Nokia: this is a key issue.
Qualcomm: there are no key issues.
| noted | No | ||||
S3‑252635 | General description for protocols not updated for PQC by other SDOs | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| revised | No | S3‑252983 | |||
S3‑252983 | General description for protocols not updated for PQC by other SDOs | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| approved | No | S3‑252635 | |||
S3‑252636 | Protocol - SUCI calculation | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| merged | No | S3‑252984 | |||
S3‑252719 | New Key issue for PQC SUCI Protection | Nokia | pCR | Approval | Yes |
Yes
| revised | No | S3‑252984 | |||
S3‑252984 | New Key issue for PQC SUCI Protection | Nokia | pCR | Approval | Yes |
Yes
| approved | No | S3‑252719 | |||
S3‑252759 | Pseudo-CR on Key Issue on SUPI Concealment | Samsung | pCR | Approval | Yes |
Yes
| merged | No | S3‑252984 | |||
S3‑252841 | Hybrid PQC for SUCI calculation | THALES | pCR | Approval | Yes |
YesORANGE: these algorithms should be evaluated in SAGE. Not sure that we can handle this in SA3.
Nokia didn’t agree, this was a 3GPP procedure.
| merged | No | S3‑252984 | |||
S3‑252691 | pCR on Threats on Bidding down attacks during coexistence of PQC and classical algorithms | Huawei, HiSilicon | pCR | Approval | Yes |
YesNokia didn’t support this contribution. Ericsson, Cisco didn’t support it either.
Huawei:, Qualcomm: bidding down attacks can happen in any transitioning system, it's a general problem.
Huawei: no other organization will deal with these attacks, only 3GPP.
| noted | No | ||||
S3‑252637 | Protocol - MIKEY-SAKKE | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| revised | No | S3‑253037 | |||
S3‑253037 | Protocol - MIKEY-SAKKE | Huawei, HiSilicon | pCR | Approval | Yes |
Yes
| approved | No | S3‑252637 | |||
S3‑252760 | Pseudo-CR on SUPI Concealment using hybrid method | Samsung | pCR | Approval | Yes |
YesNCSC: the key issue has solutions.
Thales: postpone all solutions for next meeting, focus on key issues this meeting.This was agreed.
| noted | No | ||||
S3‑252761 | Pseudo-CR on SUPI Concealment using Hybrid shared Key | Samsung | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252762 | Pseudo-CR on PQC shared key solution for SUPI Concealment | Samsung | pCR | Approval | Yes |
Yes
| noted | No | ||||
S3‑252975 | Draft TR 33.703 | Qualcomm | draft TR | Approval | No |
Yes
| email approval | No | ||||
6.1 | 5G-Advance Endorsed SIDs |   | ||||||||||
6.1.1 | New SID on AIMLE Service Security (Lenovo) | S3‑252918 | SID on AIMLE Service Security enhancement | Lenovo, Motorola Mobility | SID new | Approval | Yes |
Yes
| revised | No | S3‑252958 | S3‑252395 |
S3‑252958 | SID on AIMLE Service Security enhancement | Lenovo, Motorola Mobility | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252918 | |||
S3‑252919 | Draft TR Skeleton for FS_AIMLE_Sec | Lenovo | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252920 | Scope for AIMLE Service Security | Lenovo | other | Endorsement | Yes |
Yes
| revised | No | S3‑253003 | |||
S3‑253003 | Scope for AIMLE Service Security | Lenovo | other | Endorsement | Yes |
Yes
| endorsed | No | S3‑252920 | |||
S3‑252777 | New Key Issue on Authentication and Authorization of FL members for the AIMLE Service Security | Huawei, HiSilicon | other | Approval | Yes |
YesEricsson: the key issue is not concrete enough.No strong opinion but offline discussion is needed to undertand what the problem we are trying to solve.
| revised | No | S3‑253005 | |||
S3‑253005 | New Key Issue on Authentication and Authorization of FL members for the AIMLE Service Security | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | S3‑252777 | |||
S3‑252921 | New KI on AIMLE FL Service Authorization and Security | Lenovo | other | Approval | Yes |
Yes
| merged | No | S3‑253005 | |||
S3‑252922 | New KI on Secure AIMLE ML Model Access | Lenovo | other | Approval | Yes |
Yes
| revised | No | S3‑253006 | |||
S3‑253006 | New KI on Secure AIMLE ML Model Access | Lenovo | other | Approval | Yes |
Yes
| endorsed | No | S3‑252922 | |||
S3‑253004 | Draft TR for FS_AIMLE_Sec | Lenovo | other | Approval | No |
Yes
| email approval | No | ||||
6.1.2 | New SID on Security Aspects for IMS resiliency (KDDI) | S3‑252562 | Overview of IMS Resilience | vivo | other | Approval | Yes |
Yes
| not treated | No | ||
S3‑252563 | New Key issue on IMS authentication enhancement for IMS Resilience | vivo, KDDI | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252639 | Discussion on Security Aspects for IMS resiliency study | KDDI, Boost Mobile Network | discussion | Discussion | Yes |
Yes
| not treated | No | S3‑251904 | |||
S3‑252640 | New SID on Security Aspects for IMS resiliency | KDDI, AT&T, Boost Mobile Network, Deutsche Telekom, SK Telecom, SoftBank, TOYOTA MOTOR CORPORATION, Rakuten Mobile, Verizon, vivo, Vodafone, NEC, Philips, Ericsson, Telefonica | SID new | Approval | Yes |
Yes
| revised | No | S3‑252957 | S3‑252352 | ||
S3‑252957 | New SID on Security Aspects for IMS resiliency | KDDI, AT&T, Boost Mobile Network, Deutsche Telekom, SK Telecom, SoftBank, TOYOTA MOTOR CORPORATION, Rakuten Mobile, Verizon, vivo, Vodafone, NEC, Philips, Ericsson, Telefonica | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252640 | |||
S3‑252641 | Skeleton for FS_IMSRE_SEC | KDDI | other | Approval | Yes |
Yes
| not treated | No | ||||
6.1.3 | New SID on Security Aspect for NR Femto Phase 2 (ZTE) | S3‑252615 | New SID on Security Aspect for NR Femto Phase 2 | ZTE Corporation | SID new | Agreement | Yes |
Yes
| revised | No | S3‑253062 | |
S3‑253062 | New SID on Security Aspect for NR Femto Phase 2 | ZTE Corporation | SID new | Agreement | Yes |
Yes
| agreed | No | S3‑252615 | |||
S3‑252616 | Skeleton for FS_NR_Femto_Sec_Ph2 | ZTE Corporation | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252617 | Security Architecture and Assumptions | ZTE Corporation | other | Approval | Yes |
Yes
| revised | No | S3‑253008 | |||
S3‑253008 | Security Architecture and Assumptions | ZTE Corporation | other | Approval | Yes |
Yes
| endorsed | No | S3‑252617 | |||
S3‑252652 | Add security assumptions for NR_Femto_sec_ph2 | China Telecommunications Corp. | other | Approval | Yes |
Yes
| merged | No | S3‑253008 | |||
S3‑252682 | Architecture for Femto ph2 | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑253008 | |||
S3‑252618 | New KI on detection of misconfigured or malicious NR Femto | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑253009 | |||
S3‑252692 | New KI for NR_Femto_sec_ph2 | China Telecommunications Corp. | other | Yes |
Yes
| revised | No | S3‑253009 | ||||
S3‑253009 | New KI for NR_Femto_sec_ph2 | China Telecommunications Corp. | other | - | Yes |
Yes
| endorsed | No | S3‑252692 | |||
S3‑252619 | New KI on security and privacy aspects for local access | ZTE Corporation | other | Approval | Yes |
Yes
| revised | No | S3‑253010 | |||
S3‑253010 | New KI on security and privacy aspects for local access | ZTE Corporation | other | Approval | Yes |
Yes
| endorsed | No | S3‑252619 | |||
S3‑252683 | New key issue on the security of localized UPF | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑253010 | |||
S3‑253007 | Draft TR for FS_NR_Femto_Sec_Ph2 | ZTE | other | Endorsement | No |
Yes
| email approval | No | ||||
6.1.4 | New SID on Security aspects of WAB nodes for NR (Nokia) | S3‑252642 | New SID on Security aspects of WAB nodes for NR | Nokia | SID new | Approval | Yes |
Yes
| revised | No | S3‑252959 | S3‑252418 |
S3‑252959 | New SID on Security aspects of WAB nodes for NR | Nokia | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252642 | |||
S3‑252645 | Skeleton for TR for study on security aspects of WAB nodes for NR | Nokia | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252684 | Architecture for WAB | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252685 | new key issue on security from WAB to the UE's network | Huawei, HiSilicon | other | Approval | Yes |
Yes
| noted | No | ||||
S3‑252686 | new key issue on security of the link between WAB-gNB and OAM | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252778 | New Key Issue on Security Protection of Compromised WAB Nodes and Core Network Measures | Huawei, HiSilicon | other | Approval | Yes |
Yes
| noted | No | ||||
S3‑252987 | TR for study on security aspects of WAB nodes for NR | Nokia | other | Approval | No |
Yes
| email approval | No | ||||
6.1.5 | New SID on security for PLMN hosting a NPN phase 2 (China Telecom) | S3‑252648 | New SID on security for PLMN hosting a NPN phase 2 | China Telecommunications Corp.,ZTE, China Unicom, China Mobile, CAIC | SID new | Approval | Yes |
Yes
| revised | No | S3‑252960 | |
S3‑252960 | New SID on security for PLMN hosting a NPN phase 2 | China Telecommunications Corp.,ZTE, China Unicom, China Mobile, CAIC | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252648 | |||
S3‑252649 | Skeleton of security for PLMN hosting a NPN phase 2 | China Telecommunications Corp.,ZTE, CAICT, Johns Hopkins University APL | other | Approval | Yes |
Yes
| revised | No | S3‑253042 | |||
S3‑253042 | Skeleton of security for PLMN hosting a NPN phase 2 | China Telecommunications Corp.,ZTE, CAICT, Johns Hopkins University APL | other | Approval | Yes |
Yes
| endorsed | No | S3‑252649 | |||
S3‑252722 | Update the scope | ZTE Deutschland | other | Yes |
Yes
| revised | No | S3‑253044 | ||||
S3‑253044 | Update the scope | ZTE Deutschland | other | - | Yes |
Yes
| endorsed | No | S3‑252722 | |||
S3‑252723 | Update the clause 5 Security assumptions | ZTE Deutschland | other | Yes |
Yes
| revised | No | S3‑253045 | ||||
S3‑253045 | Update the clause 5 Security assumptions | ZTE Deutschland | other | - | Yes |
Yes
| endorsed | No | S3‑252723 | |||
S3‑252650 | Pseudo-CR on TEID issue in N9 interface | China Telecommunications Corp.,, CableLabs, CAICT, ZTE | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252651 | Pseudo-CR on topology hiding in N9 interface | China Telecommunications Corp.,CAICT, ZTE | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252620 | New key issue on SBA interface protectiong | ZTE Corporation,China Telecom | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑253043 | Draft TR of security for PLMN hosting a NPN phase 2 | China Telecom | other | Endorsement | Yes |
Yes
| endorsed | No | ||||
6.1.6 | New SID on security aspects for QUIC or TLS (Huawei) | S3‑252679 | Skeleton to using PSK in MPQUIC study | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | ||
S3‑252680 | Architecture for MPQUIC study | Huawei, HiSilicon | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252871 | Key Issue on PSK Derivation | Xiaomi Technology | other | Endorsement | Yes |
Yes
| not treated | No | ||||
S3‑252681 | New key issue on key generation | Huawei, HiSilicon | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252766 | Pseudo-CR on New Key Issue for PSK Derivation for MPQUIC in ATSSS | CATT | other | Endorsement | Yes |
Yes
| not treated | No | ||||
S3‑252769 | Pseudo-CR on New Key Issue for PSK Delivery for MPQUIC in ATSSS | CATT | other | Endorsement | Yes |
Yes
| not treated | No | ||||
S3‑252663 | New key issue on the PSK distribution | Huawei, HiSilicon | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252872 | Key Issue on PSK Delivery | Xiaomi Technology | other | Endorsement | Yes |
Yes
| not treated | No | ||||
S3‑252534 | New Key Issue for Support of PSK Mode between the UE and UPF | InterDigital, Inc. | other | Endorsement | Yes |
Yes
| not treated | No | ||||
S3‑252664 | New key issue of the PSK usage in QUIC or TLS | Huawei, HiSilicon | other | Approval | Yes |
Yes
| not treated | No | ||||
6.1.7 | New SID on Security of AIML_Ph2 (VIVO) | S3‑252569 | New SID on Security of AIML_Ph2 | vivo, CMCC, Nokia, OPPO | SID new | Approval | Yes |
Yes
| revised | No | S3‑252962 | S3‑252356 |
S3‑252962 | New SID on Security of AIML_Ph2 | vivo, CMCC, Nokia, OPPO | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252569 | |||
S3‑252564 | Skeleton for AIML_Ph2_SEC | vivo | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252565 | Overview | vivo | other | Approval | Yes |
Yes
| revised | No | S3‑252988 | |||
S3‑252988 | Overview | vivo | other | Approval | Yes |
Yes
| endorsed | No | S3‑252565 | |||
S3‑252737 | New KI - security and privacy aspects of exposure of the standardized data | Ericsson | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252533 | New Key Issue for Security and Privacy for UE Data Collection Transfer | InterDigital, Inc. | other | Endorsement | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252621 | New KI on Security for UP to support UE data collection | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252671 | Exposure security for UE data towards OTT servers | Huawei, HiSilicon | other | Approval | Yes |
Yes
| revised | No | S3‑252989 | |||
S3‑252989 | Exposure security for UE data towards OTT servers | Huawei, HiSilicon | other | Approval | No |
Yes
| noted | No | S3‑252671 | |||
S3‑252672 | Authenticate and Authorize UE connection setup with data collection NF with communication security | Huawei, HiSilicon | other | Approval | Yes |
Yes
| revised | No | S3‑252990 | |||
S3‑252990 | Authenticate and Authorize UE connection setup with data collection NF with communication security | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | S3‑252672 | |||
S3‑252781 | New Key Issue for Security Aspect of Data Transfer over UP | CATT | other | Endorsement | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252861 | Key Issue on secure connection between UE and the data collection related network function | Xiaomi communications | other | Endorsement | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252566 | New KI: Protection for reporting data | vivo | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252598 | New KI on authorization of UE data collection and exposure | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252670 | Authorization for UE Data towards OTT servers | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252532 | New Key Issue for Privacy for UE Data Collection Exposure | InterDigital, Inc. | other | Endorsement | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252567 | New KI: Privacy for UE to report data | vivo | other | Approval | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑252780 | New Key Issue for User Consent for UE Data Collection | CATT | other | Endorsement | Yes |
Yes
| merged | No | S3‑252990 | |||
S3‑253064 | Draft TR AIML Phase 2 | Vivo | other | Endorsement | No |
Yes
| email approval | No | ||||
6.1.8 | New SID on security aspects of Integrated Sensing and Communication (Xiaomi) | S3‑252868 | New SID on security and privacy aspects of Integrated Sensing and Communication | Xiaomi Technology | SID new | Approval | Yes |
Yes
| revised | No | S3‑252963 | |
S3‑252963 | New SID on security and privacy aspects of Integrated Sensing and Communication | Xiaomi Technology | SID new | Approval | Yes |
YesIt was requested to capture in the minutes: RAN scope should be captured in the TR.
| agreed | No | S3‑252868 | |||
S3‑252869 | Skeleton for ISAC Security TR | Xiaomi Technology | other | Endorsement | Yes |
Yes
| endorsed | No | ||||
S3‑252675 | Adding scope of Sensing | Huawei, HiSilicon | other | Approval | Yes |
Yes
| revised | No | S3‑253012 | |||
S3‑253012 | Adding scope of Sensing | Huawei, HiSilicon | other | Approval | Yes |
Yes
| endorsed | No | S3‑252675 | |||
S3‑252870 | Scope of ISAC Security TR | Xiaomi Technology | other | Endorsement | Yes |
Yes
| merged | No | S3‑253012 | |||
S3‑252693 | Add security assumptions for ISAC_sec_sid | China Telecommunications Corp. | other | Yes |
Yes
| endorsed | No | |||||
S3‑252622 | New key issue on authentication and authorization for sensing service | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252674 | New key issue on Security between network and Sensing service consumer | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252858 | Key Issue on Security Aspects of Authorization for Sensing Service Invocation Revocation and Exposure | Xiaomi communications, InterDigital | other | Endorsement | Yes |
Yes
| revised | No | S3‑253013 | |||
S3‑253013 | Key Issue on Security Aspects of Authorization for Sensing Service Invocation Revocation and Exposure | Xiaomi communications, InterDigital | other | Endorsement | Yes |
Yes
| endorsed | No | S3‑252858 | |||
S3‑252881 | new KI on authorization of sensing service request | Nokia, Nokia Shanghai Bell | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252568 | New KI: Authorization for sensing | vivo | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252694 | New KI for ISAC_sec_sid | China Telecommunications Corp. | other | Yes |
Yes
| merged | No | S3‑253013 | ||||
S3‑252742 | New Key issue on authorization for sensing service | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252673 | New key issue on security between Sensing Function(s) and Sensing Entities | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑253014 | |||
S3‑252743 | New Key issue on protection of sensing data transmission | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑253014 | |||
S3‑252859 | Key Issue on Security Protection for Sensing Service Operations | Xiaomi communications, InterDigital | other | Endorsement | Yes |
Yes
| revised | No | S3‑253014 | |||
S3‑253014 | Key Issue on Security Protection for Sensing Service Operations | Xiaomi communications, InterDigital | other | Endorsement | Yes |
Yes
| endorsed | No | S3‑252859 | |||
S3‑252623 | New key issue on privacy aspect of sensing result exposure | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑253013 | |||
S3‑252624 | New key issue on user consent for sensing service | ZTE Corporation | other | Approval | Yes |
YesHuawei: postpone and wait for SA2 progress. Qualcomm supported this.
| noted | No | ||||
S3‑252764 | pCR Privacy requirements for sensing | NTT DOCOMO INC. | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252860 | Key Issue on Privacy Protection for Sensing Services | Xiaomi communications, InterDigital | other | Endorsement | Yes |
YesNokia supported the issue, although some rewording was needed. Privacy is always linked t to the human user.
CMCC and Vivo didn’t agree with this.
It was proposed to postpone the issue and wait for RAN progress.
| noted | No | ||||
S3‑253011 | Draft TR for ISAC Security | Xiaomi | other | Endorsement | No |
Yes
| email approval | No | ||||
6.1.9 | New SID on 5G Security Assurance Specification (SCAS) for the Container-based Products (Ericsson) | S3‑252710 | Scope for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| endorsed | No | ||
S3‑252711 | References for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252712 | Defintions for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252713 | Assumptions for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252714 | Assets and Threats for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252715 | Test Cases for SCAS for Container-based Products | BSI (DE) | other | Approval | Yes |
Yes
| not treated | No | ||||
S3‑252890 | TR skeleton for Security Assurance Specification (SCAS) for the Container-based Product | Ericsson | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑253038 | Draft TR SCAS for Container-based Products | Ericsson | other | Endorsement | No |
Yes
| email approval | No | ||||
6.1.10 | New SID on Security Aspects of 5G Satellite Access Phase 4 (CATT) | S3‑252745 | New SID on Security Aspects of 5G Satellite Access Phase 4 | CATT | SID new | Approval | Yes |
Yes
| revised | No | S3‑252965 | |
S3‑252965 | New SID on Security Aspects of 5G Satellite Access Phase 4 | CATT | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252745 | |||
S3‑252768 | Discussion on security of UE-Satellite-UE in IMS | Huawei, HiSilicon | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252770 | Revised SID on Security Aspects of 5G Satellite Access Phase 4 | Huawei, HiSilicon | other | Approval | Yes |
Yes
| noted | No | ||||
S3‑252746 | Skeleton of TR Satellite Phase 4 | CATT | other | Approval | Yes |
Yes
| endorsed | No | ||||
S3‑252721 | Add security assumptions for SAT_ph4_Sec sid | China Telecommunications Corp. | other | Yes |
Yes
| revised | No | S3‑253039 | ||||
S3‑253039 | Add security assumptions for SAT_ph4_Sec sid | China Telecommunications Corp. | other | - | Yes |
Yes
| endorsed | No | S3‑252721 | |||
S3‑252625 | New key issue on UE security context synchronization in S&F Satellite operation | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑253041 | |||
S3‑252744 | New Key issue on security protection in split MME architecture | OPPO | other | Approval | Yes |
Yes
| merged | No | S3‑253041 | |||
S3‑252748 | New KI for TR Satellite Phase 4 | CATT, Sateliot, Novamint | other | Approval | Yes |
Yes
| revised | No | S3‑253041 | |||
S3‑253041 | New KI for TR Satellite Phase 4 | CATT, Sateliot, Novamint | other | Approval | Yes |
Yes
| endorsed | No | S3‑252748 | |||
S3‑252776 | New Key Issue on Security protection for Multi-Satellites Store and Forward Operation in Split MME Architecture | Huawei, HiSilicon | other | Approval | Yes |
Yes
| merged | No | S3‑253041 | |||
S3‑253040 | Draft TR SAT_ph4_Sec | CATT | other | Endorsement | No |
Yes
| email approval | No | ||||
6.2 | New 5G-Advance SIDs/WIDs | S3‑252531 | Study on Security aspects of CAPIF Phase 4 | Nokia | SID new | Yes |
Yes
| revised | No | S3‑252966 | ||
S3‑252966 | Study on Security aspects of CAPIF Phase 4 | Nokia | SID new | - | Yes |
Yes
| agreed | No | S3‑252531 | |||
S3‑252574 | Discussion of security aspects of SNPN cellular hotspots | Cisco Systems Belgium | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252575 | Study on security aspects of SNPN cellular hotspots | Cisco Systems Belgium | SID new | Approval | Yes |
YesORANGE: business model not clear, we need more information from SA1 and SA2.
IT was agreed to send an LS to SA1, SA2 and SA for clarification.
| revised | No | S3‑253048 | |||
S3‑253048 | Study on security aspects of SNPN cellular hotspots | Cisco Systems Belgium | SID new | Approval | Yes |
Yes
| noted | No | S3‑252575 | |||
S3‑252589 | New WID on PRINS Refinement | CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications | WID new | Agreement | Yes |
Yes
| revised | No | S3‑252967 | |||
S3‑252967 | New WID on PRINS Refinement | CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications | WID new | Agreement | Yes |
Yes
| agreed | No | S3‑252589 | |||
S3‑252590 | PRINS Refinement | CableLabs, Nokia, Charter Communications, China Telecom, Deutsche Telekom, Comcast Communications | draftCR | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252668 | DP Study on best security practice for SBA | Huawei, HiSilicon | discussion | Approval | Yes |
Yes
| noted | No | ||||
S3‑252669 | SID Study on best security practice for SBA | Huawei, HiSilicon | SID new | Approval | Yes |
Yes
| revised | No | S3‑253052 | |||
S3‑253052 | SID Study on best security practice for SBA | Huawei, HiSilicon | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252669 | |||
S3‑252687 | MPQUIC SID | Huawei, HiSilicon | SID new | Approval | Yes |
Yes
| revised | No | S3‑252961 | |||
S3‑252961 | New SID on providing PSK for MPQUIC/TLS | Huawei, HiSilicon | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252687 | |||
S3‑252813 | Study on Security Aspect of Ambient IoT Services in 5G phase 2 | Qualcomm Incorporated | SID new | Agreement | Yes |
Yes
| merged | No | S3‑252968 | |||
S3‑252875 | New SID on Security of application user consent architecture | Ericsson | SID new | Agreement | Yes |
Yes
| noted | No | ||||
S3‑252879 | New SID on Security Assurance Specification (SCAS) for Container-based Products | Ericsson, Nokia, Nokia Shanghai Bell, BSI | SID new | Agreement | Yes |
Yes
| revised | No | S3‑252964 | |||
S3‑252964 | New SID on Security Assurance Specification (SCAS) for Container-based Products | Ericsson, Nokia, Nokia Shanghai Bell, BSI | SID new | Agreement | Yes |
Yes
| agreed | No | S3‑252879 | |||
S3‑252882 | New WID on SCAS for NR Femto | China Mobile, CAICT, ZTE, CATT | WID new | Approval | Yes |
Yes
| revised | No | S3‑252970 | |||
S3‑252970 | New WID on SCAS for NR Femto | China Mobile, CAICT, ZTE, CATT | WID new | Approval | Yes |
Yes
| agreed | No | S3‑252882 | |||
S3‑252883 | New WID on SCAS for NR Femto SeGW | China Mobile, CAICT, ZTE, CATT | WID new | Approval | Yes |
Yes
| revised | No | S3‑252971 | |||
S3‑252971 | New WID on SCAS for NR Femto SeGW | China Mobile, CAICT, ZTE, CATT | WID new | Approval | Yes |
Yes
| agreed | No | S3‑252883 | |||
S3‑252884 | New SID on enhanced security management service about security policy provisioning | China Mobile, ZTE, CATT, Johns Hopkins University APL, CAICT, CableLabs, Nokia, China Unicom, China Telecom | SID new | Approval | Yes |
Yes
| revised | No | S3‑252972 | |||
S3‑252972 | New SID on enhanced security management service about security policy provisioning | China Mobile, ZTE, CATT, Johns Hopkins University APL, CAICT, CableLabs, Nokia, China Unicom, China Telecom | SID new | Approval | Yes |
Yes
| noted | No | S3‑252884 | |||
S3‑252897 | New SID on the security support for the Next Generation Real Time Communication services Phase 3 | Ericsson | SID new | Agreement | Yes |
Yes
| noted | No | ||||
S3‑252903 | Discussion on Early Detection Framework Based on O&M Logs for Abnormal Access to HSSUDM | NTT DOCOMO INC.. | discussion | Yes |
Yes
| noted | No | |||||
S3‑252910 | R20 Amabient IoT SID | OPPO, Huawei | SID new | Agreement | Yes |
Yes
| revised | No | S3‑252968 | |||
S3‑252968 | R20 Amabient IoT SID | OPPO, Huawei | SID new | Agreement | Yes |
YesNokia asked to be minuted: the study item is heavily underestimated in time units.
| agreed | No | S3‑252910 | |||
S3‑252902 | Discussion on Early Detection Framework Based on O&M Logs for Abnormal Access to HSSUDM | NTT DOCOMO INC.. | discussion | Yes |
Yes
| withdrawn | Yes | |||||
S3‑253046 | LS on business model and architecture for SNPN cellular hotspots | Cisco | LS out | Approval | Yes |
Yes
| approved | No | ||||
6.3 | New 6G SIDs/WIDs | S3‑252576 | draft 6G Security SID | Nokia | SID new | Agreement | Yes |
YesNTT-Docomo. ORANGE, Thales: too much detail.
NTT-Docomo: some things here read like key issues, work tasks are too specific.
It was requested to minute: It was agreed by SA3 that the Study will incorporate high level work tasks (not too detailed or sub-bullets). Apple comsidered that only the two first work tasks were necessary.They found that the work task structure was clear or necessary.
The Chair asked for a show of hands.
In favour of keeping WT3 and WT4: Cisco, Interdigital, IDEMIA,Nokia, CATT,IDC,CableLabs, DT,Thales,ORANGE, NIST,Ericsson. Qualcomm, Sectra, OTD, China Telecom, China Mobile, SK, Verizon, OPPO, Lenovo, Vivo,Samsung, AT&T, T-Mobile.
Apple and Xiaomi opposed to having WT3 and WT4 in the SID.
| revised | No | S3‑252973 | |
S3‑252973 | draft 6G Security SID | Nokia | SID new | Agreement | Yes |
YesHuawei didn’t find this SID in shape to start working in October. There were many issues about the structure, way of working, etc that needed to be figured out before. This was taken onffline.
It was queried how to proceeed with the work.
The Chair pointed out the two options:
Agreeing the SID: official rapporteur taking the lead.
Endorsing the SID: having a moderator like it was done in 5GA.
Huawei: too open ended, there is no rush. Not clear what SA3 is going to do without a 6G architecture?
NTT-Docomo: we don’t want to agree on a SID but start the work anyway spending TUs? Agree on this now and start the work in October or November.
The Chair asked for a show of hands to see the opinion of the group.
Agreeing to something this meeting?
Ericsson, AT&T, Samsung, NTT-Docomo, T-Mobile, Charter, CMCC, Philips, Verizon, Vivo, OPPO, ZTE, Telecom Italia, Qualcomm, NIST, ORANGE, Thales, Ericsson, CAbleLbas, IDC, DT, Nokia, IDEMIA, CATT, Cisco, John Hopkins, Xiamoi, NTIU,Sectra
Endorsing to something this meeting?
Huawei, China Telecom
Huawei:: we can endorse this and note that potential clarifications and additions are needed to the work tasks.
Huawei: SA2 hasn’t decided the timeline of the study yet. There is no clear architecture.
Huawei: work tasks too generic, too high level. We don’t even mention authentication in the work tasks.
ORANGE: we can discuss some basic security assumptions, TR structure and not to dig into key issues.
AT&T: SA2 SID is not very different from this one, and it was agreed.
Huawei had a sustained objection on this SID to be agreed.
The Chair commented that if endorsed, companies could still bring contributions to the Plenary.
ORANGE proposed to send an LS to SA to give the news.
| endorsed | No | S3‑252576 | |||
S3‑252577 | Add WT for Study on Security for the 6G System Enhancements | Johns Hopkins University APL | SID new | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252578 | Updates to SA3 Moderator 6G SID | Charter Communications, Inc | SID new | Agreement | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252600 | CableLabs revision of SA3 Moderator 6G SID | CableLabs | SID new | Discussion | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252626 | ZTE views on draft 6G security SID | ZTE Corporation | other | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252695 | Pseudo-CR on update to 6G general SID | China Telecommunications Corp. | other | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252733 | Revision of draft_6G Security SID v1 | vivo | SID new | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252757 | Updates to draft 6G SID v1 | Samsung | other | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252790 | Revision of draft 6G Security SID for updating WT description | CATT | SID new | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252794 | Revision suggestion on Study on Security for the 6G System Enhancements | China Mobile | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252850 | Update to SA3 6G SID | Apple | SID new | Yes |
Yes
| merged | No | S3‑252973 | ||||
S3‑252873 | Update to draft 6G Security SID | Xiaomi Technology | discussion | Endorsement | Yes |
Yes
| noted | No | ||||
S3‑252901 | OPPO’s update for draft 6G security SID | Guangdong OPPO Mobile Telecom. | other | Approval | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252912 | Cisco revision of draft 6G Security SID | Cisco Systems | SID new | Discussion | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252916 | Draft 6G SID change proposal | Ericsson Hungary Ltd | SID new | Agreement | Yes |
Yes
| merged | No | S3‑252973 | |||
S3‑252643 | Discussion on update of 6G SID to avoid false base station attack | SK Telecom | discussion | Approval | Yes |
Yes
| noted | No | ||||
S3‑252690 | Discussion on Security of 6G System | Huawei, HiSilicon | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252732 | Gathering Security Requirements from Other Working Group | vivo | discussion | Information | Yes |
Yes
| noted | No | ||||
S3‑252874 | Study about PLS for Sensing Cases in 6G | OPPO | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252898 | WT proposal on Threat Analysis for 6G | Ericsson | discussion | Endorsement | Yes |
Yes
| noted | No | ||||
S3‑252899 | Example of a Threat Analysis for 6G | Ericsson | discussion | Information | Yes |
Yes
| noted | No | ||||
S3‑252908 | Discussion on Security of MAC CE and Lower Layers | OPPO, Xidian University | discussion | Endorsement | Yes |
Yes
| noted | No | ||||
S3‑252546 | New Study on DNS Security for 6G Core Network | Johns Hopkins University APL | SID new | Approval | Yes |
YesHuawei: we will deal with DNS security if a key issue about it is found, but we don’t think we should start a whole SID about this.
NTT-Docomo: too early for 6G. If for 5GA, it’s another discussion.
| noted | No | ||||
S3‑252554 | New SID on supporting AEAD algorithms | KDDI Corporation (TTC) | SID new | Approval | Yes |
YesThales asked to add a note on the WID: Key hierarchy includes the full key hierarchy and also the long term key.
| revised | No | S3‑253050 | S3‑252362 | ||
S3‑253050 | New SID on supporting AEAD algorithms | KDDI Corporation (TTC) | SID new | Approval | Yes |
Yes
| agreed | No | S3‑252554 | |||
S3‑252689 | New SID on Multi-Party Trust Model for 6G System | Huawei, HiSilicon | SID new | Approval | Yes |
Yes
| noted | No | ||||
S3‑252822 | New Study on feasibility of decentralized trust enablement for 6G | China Mobile, Johns Hopkins University, Deutsche Telekom | SID new | Approval | Yes |
YesWill wait for progress from GSMA and the 6G study.
| noted | No | ||||
S3‑252555 | AEAD TR skeleton | KDDI Corporation (TTC) | discussion | Information | Yes |
Yes
| noted | No | ||||
S3‑252556 | Pseudo-CR on AEAD TR | KDDI Corporation (TTC) | discussion | Yes |
Yes
| noted | No | |||||
S3‑252795 | New Study on feasibility of decentralized trust enablement for 6G | China Mobile | SID new | No |
Yes
| withdrawn | Yes | |||||
S3‑253061 | Ls on progress of the 6G security Study | ORANGE | LS out | Approval | Yes |
Yes
| approved | No | ||||
6.4 | SIDs/WIDs Prioritization | S3‑252911 | Rel-20 SA3 Work Planning | SA WG3 Chair | other | Information | Yes |
Yes
| revised | No | S3‑252956 | |
S3‑252956 | Rel-20 SA3 Work Planning | SA WG3 Chair | other | Information | No |
Yes
| noted | No | S3‑252911 | |||
S3‑252570 | Discussion Paper on Prorization of 5GA SIDs | vivo | discussion | Discussion | Yes |
Yes
| noted | No | ||||
S3‑252900 | Some considerations about 6G task prioritization | Ericsson | discussion | Discussion | Yes |
Yes
| noted | No | ||||
7 | CVD and research | S3‑252509 | CVD-2025-0101 - Four critical vulnerabilities in the access control mechanism of the 5G core Network | GSMA | LS in | Yes |
Yes
| postponed | No | |||
S3‑252537 | LS on ProducerSnssaiList conditions and content | Nokia | LS out | Yes |
Yes
| merged | No | S3‑253054 | ||||
S3‑252538 | ProducerSnssaiList conditions and content | Nokia | CR | Yes |
Yes
| merged | No | S3‑253053 | ||||
S3‑252629 | Reply LS to GSMA on CVD-2025-0101 | Huawei, HiSilicon | LS out | Approval | Yes |
Yes
| noted | No | S3‑253054 | |||
S3‑253054 | Reply LS to GSMA on CVD-2025-0101 | Huawei, HiSilicon | LS out | Approval | No |
Yes
| withdrawn | Yes | ||||
S3‑252630 | Clarification on access token with respect to a list of S-NSSAIs | Huawei, HiSilicon | CR | Agreement | Yes |
Yes
| revised | No | S3‑253053 | |||
S3‑253053 | Clarification on access token with respect to a list of S-NSSAIs | Huawei, HiSilicon | CR | Agreement | No |
Yes
| not pursued | No | S3‑252630 | |||
8 | Any Other Business | S3‑252504 | SA3 meeting calendar | SA WG3 Chair, MCC | other | No |
Yes
| withdrawn | Yes |