Content for TS 24.109 Word version: 18.0.0
A Signalling flows of bootstrapping procedure
A1 Signalling flows of GBA Push procedure
B Signalling flows for HTTP Digest Authentication with bootstrapped security association
C XML Schema Definition
D Signalling flows for Authentication Proxy
E Signalling flows for PKI portal
F Signalling flows for PSK TLS with bootstrapped security association
G 3GPP specific extension-headers for HTTP entity-header fields
H 2G GBA
I GBA_Digest
J Realization of GBA Push delivery
K TLS with AKMA profiles
K.1 General
K.2 Shared key-based UE authentication with certificate-based AF authentication
K.3 Shared key-based mutual authentication between UE and AF
$ Change history
A Signalling flows of bootstrapping procedure p. 29
A.1 Scope of signalling flows p. 29
A.2 Introduction p. 29
A.3 Signalling flows demonstrating a successful bootstrapping procedure p. 29
A.4 Signalling flows demonstrating a synchronization failure in the bootstrapping procedure p. 33
A1 Signalling flows of GBA Push procedure |R8| p. 36
A1.1 Scope of signalling flows p. 36
A1.2 Introduction p. 36
A1.3 Signalling flows demonstrating a successful GBA Push procedure p. 36
B Signalling flows for HTTP Digest Authentication with bootstrapped security association p. 39
B.1 Scope of signalling flows p. 39
B.2 Introduction p. 39
B.3 Signalling flows demonstrating a successful authentication procedure p. 39
C (Normative) XML Schema Definition p. 44
C.1 Introduction p. 44
D Signalling flows for Authentication Proxy p. 45
D.1 Scope of signalling flows p. 45
D.2 Introduction p. 45
D.3 Signalling flow demonstrating a successful authentication procedure p. 45
E Signalling flows for PKI portal p. 51
E.1 Scope of signalling flows p. 51
E.2 Introduction p. 51
E.3 Signalling flows demonstrating a successful subscriber certificate enrolment p. 51
E.3.1 Simple subscriber certificate enrolment p. 51
E.3.2 Subscriber certificate enrolment with WIM authentication codes p. 55
E.4 Signalling flows demonstrating a failure in subscriber certificate enrolment p. 62
E.5 Signalling flows demonstrating a successful CA certificate delivery p. 62
E.6 Signalling flows demonstrating a failure in CA certificate delivery p. 66
F Signalling flows for PSK TLS with bootstrapped security association p. 67
F.1 Scope of signalling flows p. 67
F.2 Introduction p. 67
F.3 Signalling flow demonstrating a successful PSK TLS authentication procedure p. 68
G (Normative) 3GPP specific extension-headers for HTTP entity-header fields p. 70
G.1 General p. 70
G.2 X-3GPP-Intended-Identity extension-header p. 70
G.3 X-3GPP-Asserted-Identity extension-header p. 71
G.4 X-3GPP-Authorization-Flags extension-header p. 71
H (Normative) 2G GBA |R7| p. 71
H.1 Introduction p. 71
H.2 2G GBA bootstrapping procedure p. 71
H.3 User authentication failure p. 73
H.4 Network authentication failure p. 73
I (Normative) GBA_Digest |R11| p. 74
I.1 Introduction p. 74
I.2 GBA_Digest bootstrapping procedure p. 74
I.3 User authentication failure p. 75
I.4 Network authentication failure p. 75
J (Normative) Realization of GBA Push delivery |R11| p. 75
J.1 Introduction p. 75
J.2 GPI delivery using WAP Push p. 75
J.3 PDUs and parameters specific to the present document p. 77
J.3.1 GPI envelope p. 77
J.3.1.1 General p. 77
J.3.1.2 Structure p. 77
J.3.1.3 GPI envelope short code values p. 77
J.3.1.4 IANA registration template p. 78
K (Normative) TLS with AKMA profiles |R17| p. 79
K.1 General p. 79
K.2 Shared key-based UE authentication with certificate-based AF authentication p. 79
K.3 Shared key-based mutual authentication between UE and AF p. 80
$ Change history p. 82
