On Sat, Oct 13, 2001 at 04:12:26AM +0900, Benjamin Kowarsch wrote:
<snip>
> It is very unlikely for any network to cancel any roaming agreements
> based on a complementary service being offered that only serves
> customers who have either no or a restricted roaming facility, i.e.
> customers that would otherwise be refused service or those who have
> actively opted-in.
Hopefully you're right. This would only work if most operators would refuse
to cooperate with those who broke ranks. If there are enough operators that
see ZEBRA as being in their interests, then it won't.
<snip>
> >> 2) ZEBRA includes an alternative authentication system called Secure
> >> Visitor Authentication (SVA) which is based on public key encryption
> >> and allows the visited network to authenticate the handset directly
> >> for the duration of the visit.
> >
> > Surely this still requires the home network to provide a public key to
> > the visited network on deman, and to identify the algorithms used?
>
> No, it is based on the SIM toolkit. VN and handset exchange public keys
> upon first sign-on.
I was assuming the use of ordinary SIMs. I didn't think the SIM toolkit
was widely deployed, but I may well be wrong.
> However, this is only an option and it requires an extra AuC in the VN.
> However, this also benefits the traditional roaming service in cases where
> networks want to cut down on bandwidth where today they reuse the triplets
> (not recommended but practised by some networks).
If I remember correctly what I read about the security weaknesses in GSM,
many operators re-challenge only every few days if the terminal remains in
communication with the same MSC.
We've gone somewhat off-topic here, so let's wrap this up.
[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Fri Oct 12 23:36:50 2001