Title: SV8 - SSO Counter Initialisation PDR Reference: M2090005 Originator Reference: SB3W0615 SE-8 SARPs Document Reference: Sub-Volume VIII 8.6.3 CAMAL Document Reference: Part V, Chapter 4, 4.7.3.7 P/OICS Document Reference - Status: ACCEPTED Impact: C PDR Revision Date: 23 Sep 2002 (Accepted) 16 Sep 2002 (SUBMITTED) Submitting State/Organization: CIVAL Consulting Ltd Submitting Author Name: A J Kerr Submitting Author E-mail Address: tony.kerr@cival.co.uk Submitting Author Supplemental Contact Information: Tel: +44 (0)1252 724386 SARPs Date: Doc 9705 Ed 3 (Jul 02) P/OICS Date: - SARPs Language: English Summary of Defect: The Counter for air to ground exchanges is checked during CM-Logon indication processing in SSO-SignCheck *before* it is initialised. Both Counters are subsequently explicitly initialised in SSO-SessionKey during CM-Logon response processing. If we assume that the Counters are implicitly initialised at power-on (this should be stated in SV8), then the re-initialisation is redundant. The initialisation of Message Counters is not well specified. The description of Session Key in the Security Guidance Material (Doc 9739 Second Edition Part V, Chapter 4) 4.7.3.7 does not quite match the SARPs. The statement that "message counters are initialised whenever a session key is created" is not quite true; the SARPs (in SSO-SessionKey) state that the Counters are initialised to zero if not already initialised. This is open to interpretation. Assigned SME: Sub-Volume VIII SME Initial SME comment: I believe 8.6.3.5.4 Note 2 clarifies the intent. However, I believe the problem is with the word "initialise". We should use something like: "create with an initial value of zero if it doesn't exist" and add a note that says the values aren't modified if it does exist. Proposed SARPs amendment: Impact on interoperability: PDR Validation Status: SME Recommendation to CCB: CCB Decision: