RE: ISATAP and admin/IP domains [RE: 3gpp-analysis: Recommendatio n on tunneling in the UE]

["Karim El-Malki (HF/EAB)" <karim.el-malki@ericsson.com>]

 > On Tue, 18 Nov 2003, Karim El-Malki (HF/EAB) wrote:
 > >  > The 3GPP operator cannot trust the UE or the user.  They
 > >  > must be treated 
 > >  > as "hostile".  This is very, very different from e.g. most 
 > >  > enterprise 
 > >  > networks where ISATAP was originally more or less 
 > envisioned for.
 > > 
 > > They are not considered hostile since they have authenticated to
 > > the home network using the SIM card. The 3gpp operator's network
 > > relies on this security.
 > 
 > Even if 3GPP network would rely on it, we at the IETF know better ;-)
 > 
 > Seriously, SIM identification means nothing.  They sell anonymous,
 > pre-paid SIM cards at kiosks around here which are untraceable.  That
 > should be pretty commonplace.  There is nothing in the SIM
 > "authentication" which makes the operator trust the user 
 > more.  It's just
 > a way of getting the billing right (AFAIK).

I think it is out of scope for us to start discussing changes to 3gpp
architecture. Using the SIM a user can roam to another network and send
packets back to its home network. So from the 3gpp point of view the user
can access basic "home" services (e.g. ISATAP) in the same way while
roaming as if the user was actually at home. That fits the ISATAP scenario.

/Karim