Title: Telecommunications security; Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic
COMPILED RESULTS
YES
NO
ABSTAIN
TOTAL
Full members
ALL members
Full members
ALL members
Full members
ALL members
Full members
ALL members
Count
50
50
3
3
10
10
63
63
Percentage
79.37%
79.37%
4.76%
4.76%
15.87%
15.87%
100.00%
100.00%
Weighted Count(2)
792
792
120
120
143
143
1055
1055
Weighted Percentage(2)
75.07%
75.07%
11.37%
11.37%
13.55%
13.55%
100.00%
100.00%
Final Results(1) for Full members only
86.84%
APPROVED
Final Results(1) for all members
86.84%
APPROVED
(1)Final Results: ABSTAIN Votes are not taken into account. The formulation used is:
Sum of Weighted YES Votes / (Sum of Weighted YES Votes + Sum of Weighted NO Votes) For a vote to be approved, this number must be greater than 0.71 ( > 71.00 %)
(2) Weighted Count and Weighted Percentage are based on individual voting weights
DETAILED RESULTS
Date:
Time:
Organisation:
Country:
Voting Weight:
Choice:
Comments File:
Voter:
1
2001/08/20
09:00:28
Airdata AG
DE(E.U.)
1
Approved
No Comments
Mr. Martin Arndt
2
2001/07/09
09:48:43
ALCATEL S.A.
FR(E.U.)
45
Approved
No Comments
Mr. Alistair Urie
3
2001/08/31
15:52:02
ALCATEL SEL AG
DE(E.U.)
1
Approved
No Comments
Mr. Frank Rahe
4
2001/07/18
21:58:08
ANUIT
IT(E.U.)
1
Approved
No Comments
Mr. Nicola Colecchia
5
2001/08/27
11:30:17
ASCOM AG
CH
13
Approved
No Comments
Mr. Beat Luescher
Remarks: - Section 11.2 Security Mechanisms, second last paragraph:
It is true that the integrity of data can be achieved by using a hash
function. This can also be achieved by using an other checksum mechanism like a CRC (Cyclic Redundancy Checksum). Such schemes (including the hash function approach) are not useful for achieving data integrity from a security point of view. The reason is, that everybody who knows the data integrity algorithm can generate the fingerprint of the data. Therefore an attacker can change the data, recalculate the data integrity checksum and send this new data to the recipient. The recipient can successfully verify the fingerprint although the data integrity - from a security point of view - is not given anymore.
The text in the document is misleading and does not describe data
integrity in a security point of view. If the data integrity checksum is used standalone and not protected by any other cryptographic means (e.g. if it is used as a Message Authentication Code) then a secret, which is only know by the sender and the recipient must be applied during the calculation of the fingerprint. A possible solution would be to use a hash function which requires a key to calculate the fingerprint of its input data.
- Section 11.2 Security Mechanisms, last paragraph:
The text does not describe very well the authentication mechanism based on public key cryptography. The text seems to describe a mixture of data encryption and data authentication.
The public key of any user is normally not used in the authentication
process. Everybody (user X or an attacker) can encrypt something with the public key of user Y. User Y has no possibilities to find out who
encrypted this data. The operation in which the public key is used is
normally called 'data encryption'.
Data authentication is achieved when user X uses its own private key. Any user can verify the authenticity of the data by encrypting the data with the public key of user X. This process is normally called 'data signing/making a digital signature'.
6
2001/08/07
11:03:31
BELGACOM
BE(E.U.)
30
Abstain
No Comments
Mr. Jean Claude Raskinet
7
2001/07/06
14:36:08
BIPT
BE(E.U.)
18
Approved
No Comments
Mr. Freddy Baert
8
2001/08/23
10:59:38
BMWi
DE(E.U.)
45
Approved
No Comments
Mrs. Martina Welcher
9
2001/08/03
12:43:05
BT
GB(E.U.)
45
Approved
No Comments
Mr. Archie Smith
10
2001/08/17
19:03:38
CFI
FR(E.U.)
1
Abstain
No Comments
Mr. Serge Clauzel
11
2001/07/18
10:16:48
Copenhagen Fire Brigade
DK(E.U.)
1
Approved
No Comments
Mr. Kurt Christensen
12
2001/07/24
10:47:59
Czech Telecommunication Office
CZ
9
Approved
No Comments
Mr. Antonin Mareska
13
2001/08/31
07:33:33
DEPT. COMMUNICATIONS LATVIA
LV
1
Approved
No Comments
Ms. Inara Rudaka
14
2001/08/29
11:13:49
Deutsche Telekom AG
DE(E.U.)
45
Approved
No Comments
Ms. Claudia Schulz
15
2001/07/10
12:33:48
Deutsche Telekom MobilNet
DE(E.U.)
30
Approved
No Comments
Mr. Martin Buechter
16
2001/08/29
15:21:38
DIGITEL TELEKOM
BA
1
Approved
No Comments
Mr. Musa Suljevic
17
2001/08/28
10:33:36
DOLPHIN TELECOMMUNICATIONS LTD
GB(E.U.)
1
Approved
No Comments
Mr. Torben Themsen
18
2001/07/20
15:35:06
DTI
GB(E.U.)
45
Approved
No Comments
Mr. Oliver Wheaton
19
2001/07/30
18:28:27
FED. MINISTRY FOR TRANSPORT
AT(E.U.)
18
Approved
No Comments
Mr. Walter C. Marxt
20
2001/08/31
07:46:43
France Telecom
FR(E.U.)
45
Approved
No Comments
Mr. Paul Gonin
21
2001/08/28
10:26:38
INFINEON TECHNOLOGIES
DE(E.U.)
13
Approved
No Comments
Mrs. Michèle Brazda
22
2001/08/03
18:41:24
Inmarsat
GB(E.U.)
3
Approved
No Comments
Mr. Peter Dunning
23
2001/08/13
12:02:08
Institute of Telecommunication
PL
1
Approved
No Comments
Mr. Wlodzimierz Barjasz
24
2001/08/30
15:44:09
JSC Intellect Telecom
RU
1
Approved
No Comments
Mrs. Irina V. Kreinguel
25
2001/08/08
15:22:03
KPN
NL(E.U.)
45
NOT Approved
No Comments
Mrs. Willie Krapels
Remarks: Reviewed product
Title : Handover Interface for the Lawful Interception of telecommunication traffic Legenda
Code : ETSI ES 201 671 Categories (for detailed findings):
Version : final draft v2.1.1 1 Inadmissible, adjustment required
Date : 2000-07 2 Major, adjustment required
: 3 Minor, textual imperfection
Author(s) : ETSI TC Security WG Lawful Interception 4 Remark
:
Reviewers
Rev. # Name Company/department Date Time Spend
1 Peter van der Arend KPN OVN 7 August 2001
General recommendation
ES 201 671 is under ETSI Membership Voting.
The only way to get modifications into ES 201 671 is to vote against the publication of the present final draft v2.1.1.
There are no major objections against the specification, however the specification needs several modifications
as indicated below and the specification contains several clauses that are not completed in this version of the specification.
Detailed findings
Comment reviewers Feedback author
Nr. Paragraph Page Finding, comment and recommendation Cat.
Rev.
# Adapted
No / version
1 2 11 Reference [53] shall be "void".
TR 101 876 is not referenced and is similar to Annex F 3
2 6 19 "...are defined in the clauses below"
Which clauses are involved ? Clauses 6.1 to 6.2.2 ? 3
3 6.2 20 The Communication Identity Number (CIN) is indicated as Optional.
The CIN is mandatory for the IRI (as indicated in Clause 6.2.2).
The indication "optional" has to be removed (see also next issue). 2
4 6.2.2 21 The Communication Identity Number (CIN) is indicated as "Optional". It is also stated that the CIN is mandatory for the IRI in specific cases. This is conflicting and confusing.
The indication "optional" has to be removed.
It could be added that the CIN is optional for inclusion of the CC (if that is the intention). 2
5 8 22 Last sentence of the 1st paragraph is indicating "e.g. if an other party is not available it need not to be requested.......".
This example is not clear and can be removed from the text. 2
6 8.2 23 2) The IRI-END record is generated at the end of a communication or communication attempt. The present statement is only indication the communication attempt.
3) Same for the IRI-CONTINUE record. 2
7 8.2 23 The 3rd paragraph and 6th paragraph: "For some packet oriented data ...." is purely related to GPRS and has be removed to the Packet related Annex B. 3
8 A 27 "64 k based" must be "64 kbit/s based" 3
9 A.2 27 The statement for the HI1 interface port should be the same as in clause B.2: "No additions according to clause 7." 1
10 A.3.2.1 28 Table A.3.1 indicates the ASN.1 name of the "Version indication".
Only "Version1" is indicated. It can also be "Version2’. 2
11 A.5.3 40 There is no underlining or any other indication in Table A.5.1 as indication for the served user as stated in the 1st paragraph. 3
12 A.7 49 The statement that this ES is not covering fixed network technologies suggests the impression that LI for the fixed network is not covered at all.
However the whole ES including clauses A.1 to A.6 is covering LI of ISDN networks.
Please add a text explaining the intention of this Clause. 1
13 B.1 53 If "in addition to clause 6 at present no Specific identifiers for Packet switched network are defined" then that could be stated, in stead of not covered. 2
26
2001/07/17
10:28:19
LATVIAN MOBILE TELEPHONE
LV
2
Approved
No Comments
Mr. Gunars Danbergs
27
2001/08/21
14:10:01
LITHUANIAN STANDARDS BOARD
LT
1
Approved
No Comments
Mr. Brunonas Sickus
28
2001/07/26
15:58:34
MANNESMANN Mobilfunk GmbH
DE(E.U.)
30
Approved
No Comments
Mr. Gerd-Hinrich Grotelüschen
29
2001/08/10
15:57:52
MARCONI COMMUNICATIONS
GB(E.U.)
30
Approved
No Comments
Mr. Gerry Lawrence
30
2001/08/13
08:34:16
Marconi Communications GmbH
DE(E.U.)
3
Approved
No Comments
Mr. Wolfgang Nobis
31
2001/08/30
14:30:42
MAX.MOBIL. TELEKOM.
AT(E.U.)
9
Abstain
No Comments
Mr. Werner Holzmayer
32
2001/07/04
20:28:56
MICROCELL CONNEXIONS INC.
CA
1
Abstain
No Comments
Mr. Venkatesh Sampath
33
2001/08/08
13:19:24
MINISTERIO DE CIENCIA
ES(E.U.)
37
Approved
No Comments
Mr. Antonio Fernandez Paniagua
34
2001/08/30
08:35:48
MINISTERO DELLE COMUNICAZIONI
IT(E.U.)
45
Approved
No Comments
Mr. Giuseppe Fedeli
35
2001/07/16
11:44:03
Ministry of Transport and Comm
BG
1
Approved
No Comments
Mr. Emilian Pipanov
36
2001/08/02
15:08:32
MOBILTEL AD
BG
3
Approved
No Comments
Mr. Valentin Radev
37
2001/07/04
15:44:09
MOBITEL d.d.
SI
1
Approved
No Comments
Mr. Marko Smolic
38
2001/08/30
14:58:22
MOTOROLA S.A.
FR(E.U.)
18
Abstain
No Comments
Mr. Christian Ollivry
39
2001/08/28
09:06:33
NATIONAL TELECOM AGENCY
DK(E.U.)
18
Abstain
No Comments
Mr. Lang J. Nielsen
40
2001/08/27
09:11:49
NOKIA Corporation
FI(E.U.)
45
NOT Approved
No Comments
Mr. Kari Lang
Remarks: Nokia comments have been forwarded to TC SEC LI.
Article 12.2 of the ETSI Rules of Procedures : "... there is no required minimum number of votes cast." Thus there are no quorum requirements for ES/EG Approval.