Skip to main content

Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM)
draft-haverinen-pppext-eap-sim-16

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Extensible Authentication Protocol 
         Method for GSM Subscriber Identity Modules (EAP-SIM)' to 
         Informational RFC 

The IESG has approved the following document:

- 'Extensible Authentication Protocol Method for GSM Subscriber Identity 
   Modules (EAP-SIM) '
   <draft-haverinen-pppext-eap-sim-17.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Thomas Narten.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-haverinen-pppext-eap-sim-17.txt

Ballot Text

Technical Summary

This document specifies an Extensible Authentication Protocol (EAP)
mechanism for authentication and session key distribution using the
Global System for Mobile Communications (GSM) Subscriber Identity
Module (SIM).  GSM is a second generation mobile network standard.
The EAP-SIM mechanism specifies enhancements to GSM authentication and
key agreement whereby multiple authentication triplets can be combined
to create authentication responses and session keys of greater
strength than the individual GSM triplets.  The mechanism also
includes network authentication, user anonymity support, result
indications, and a fast re-authentication procedure.
 
 
Working Group Summary
 
This document is not the product of an IETF WG; it has been submitted
to the RFC editor as an independent submission. However, 3GPP also
lists this document as one of their dependencies, and they expect some
IETF review of the document.  Per discussions with Stephen Hayes (3GPP
Liaison to IETF), this document has been reviewed by EAP WG for
conformance with EAP, but security properties have not been reviewed.
 
Protocol Quality
 
This spec has been reviewed for the IESG by Thomas Narten. It has also
been reviewed by the EAP WG for conformance with existing EAP
standards.

RFC Editor Note:

Please add the following sentence to the end of the IESG note:

   The IETF has also not reviewed the security of the cryptographic
   algorithms.

New section (with additional sentence added):

   The EAP-SIM protocol was developed by 3GPP.  The documentation of
   EAP-SIM is provided as information to the Internet community.
   While the EAP WG has verified that EAP-SIM is compatible with EAP
   as defined in RFC 3748, no other review has been done, including
   validation of the security claims.  The IETF has also not reviewed
   the security of the cryptographic algorithms.

RFC Editor Note