IEEE 802.11-20/1770r1 Responses Summary

November 2020 doc.: IEEE 802.11-20/1770r1 RCM and EDP PAR and CSD comment responses Date: 2020-11-03 Authors: Name Stephen McCann Affiliations Huawei Address Southampton, UK Phone email smccann.mccann@ieee.com Submission Slide 1 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 Abstract This document is a composite of all IEEE 802 WG comments and IEEE 802.11 RCM SG responses on the RCM (802.11bh) and EDP (802.11bi) PARs and CSDs. Submission Slide 2 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 IEEE 802.1 & 802.3 Submission Slide 3 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Prelude to P802.11bh and P802.11bi comments 802.1 appreciates the clear intent (as captured in the Scope and Need of the PARs for both proposed projects) to facilitate improvements in user privacy. 802.1 also appreciates the clear indication of the difficulties (already discussed) that both projects will face in improving user privacy, and in particular the possibility of unacceptable service disruption or limitation when an STA s MAC address is changed. Response: Thanks to 802.1 for the comments Submission Slide 4 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Both P802.11bh and P802.11bi CSDs CSD Templates The CSD templates used appear to be out of date, as they refer to Balanced costs (infrastructure versus attached stations) . Use the current CSD template that can be retrieved from https://www.ieee802.org/devdocs.shtml. Response: The most recent template will be used. Therefore the CSD documents will be updated. Submission Slide 5 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs P802.11bh PAR 2.1 Project Title: The project title indicates a change in MAC address would be only by randomization. The scope discusses changing addresses. Additionally, this amendment does not enhance the service, but rather preserves the service while addressing privacy concerns with MAC addresses. Change the title of the amendment to, IEEE Standard for Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications Amendment: Service preservation with randomized or changing MAC addresses TBD: Response: The title should be changed to preservation of services in operations with Enhancements for randomized or changing MAC addresses , Device identification in the presence of randomization .. Submission Slide 6 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Both P802.11bh and P802.11bi CSDs Titles The association between each CSD and its PAR is not entirely clear. One CSD is entitled CSD Draft for Privacy Amendment of RCM Study Group and the other RCM SG Proposed CSD Draft for 802.11 RCM Project . The association between a CSD and a PAR needs to be clear now and 5 years hence when the CSD is being confirmed for project progression to SA Ballot and RevCom . After 5 years many will have forgotten subtle distinctions that accompanied the initial discussion and might not even be sure that a CSD belongs to either project. Include the project designation P802.11bi/P802.11bh and amendment title in the CSD. Response: xxx Submission Slide 7 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.3 comments on PARs and CSDs P802.11bh and P802.11bi General Neither the PARs nor CSDs clearly distinguish the need for two similar projects. Scopes overlap, and distinct identity is not established between proposed P802.11bh and proposed P802.11bi. We appreciate the submittal is a .pdf, but the file name being a docx extension caused some problems in opening. Response: xxx Submission Slide 8 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.3 comments on PARs and CSDs P802.11bi PAR General Neither the PARs nor CSDs clearly distinguish the need for two similar projects. Scopes overlap, and distinct identity is not established between proposed P802.11bh and proposed P802.11bi. We really can t understand what this PAR is proposed to do. A better Project Scope or more detail in Need could help with this. 2.1, Title Capitalization is inconsistent (not title case nor consistent with IEEE style). Recommend Enhanced service with data privacy protection . Response: xxx Submission Slide 9 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs P802.11bh PARs 5.2.b. Scope of the project: 802.1 s interpretation of the Scope of both PARs is that incorporation of additional information elements in 802.11 that could further diminish user privacy (to, for example, facilitate continued user identification in the absence of a permanent STA to MAC address association) is Out of Scope. Please amend the Scope to state explicitly what new user tracking capabilities are within or excluded from the Scope of the PAR. TBD Response: device tracking capabilities for 11bh, limited to the authorised network and is conditional on the non-AP user. Mention in section 8: Short term focussed project. What the scope of 11bh is not doing. Add a note about 5.2.b, that the intention is to maintain the 11aq requirements regarding changing a MAC address, e.g. not during an ESS connection. Submission Slide 10 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs P802.11bi PAR 5.2.b. Scope of the project: 802.1 s interpretation of the Scope of both PARs is that incorporation of additional information elements in 802.11 that could further diminish user privacy (to, for example, facilitate continued user identification in the absence of a permanent STA to MAC address association) is Out of Scope. Please amend the Scope to state explicitly what new user tracking capabilities are within or excluded from the Scope of the PAR. TBD Response: No changes to 11bi. Mention in section 8: Longer term project Submission Slide 11 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Both P802.11bh and P802.11bi PARs 5.2.b. Scope of the project 5.5 Need for the Project: 802.1 is concerned that both Scope and Need of P802.11bh appear to explicitly limit consideration of disruption, and the need for session continuity, to 802.11 mechanisms. Important 802.1Q TSN capabilities, such as bandwidth allocation, depend on flow identification that span both the wired and wireless networks. [Our comments on the CSDs point out that Technical Feasibility appears to be based, at least in part, on erroneous information about the scope of 802.1 in general and 802.1Q in particular]. Please amend the Scope to explicitly indicate that the mechanisms to enable session continuity recognize the fact that sessions extend to the LAN beyond the medium supported by 802.11. TBD Response: Add a note about 5.2.b, that the intention is to maintain the 11aq requirements regarding changing a MAC address, e.g. not during an ESS connection. Submission Slide 12 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs P802.11bh PAR 5.2.b. Scope of the project: The use of 802.11 technology is expected to play an important and increasing role in environments that are tightly controlled, e.g., in flexible factories https://mentor.ieee.org/802.1/dcn/20/1-20-0026-00-ICne-ieee-802-nendica-report-flexible- factory-iot-use-cases-and-communication-requirements-for-wired-and-wireless-bridged- networks.pdf. 802.1 is concerned that P802.11bh could restrict the use of some 802.11 devices in these environments, and thus reduce the use of low latency and prioritization capabilities discussed in the context of 802.11be with TSN. Please amend the Scope to indicate that a conformant 802.11 device should be configurable to operate without address randomization. TBD Response: Possibly outside the scope of the 11bh standard. Add to section 8: REVmd allows configuration of whether a STA randomizes or not the MAC address. Submission Slide 13 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.3 comments on PARs and CSDs P802.11bh PAR 6.1.2, Registration activity The PAR does not make it clear that work will only use randomization and changing of MAC addresses within the local address space. Without that restriction, this question should be answered yes. Because the current myProject PAR code only allows an explanation here if answered yes, either the answer could be changed to yes here citing previous RAC interest in MAC address randomization, or an explanation of the restriction could be added to 8.1. TBD Response: Change the answer to Yes. [See the REVme PAR document 1682 and do the same for 11bi PAR] 6.1.2. Is the Standards Committee aware of possible registration activity related to this project?: Yes Explanation: The RAC may want to review for correct and consistent usage of registry terms Section 5.5 states that the project scope is reacting to MAC address changes currently allowed by the 802.11 standard. Submission Slide 14 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Both P802.11bh and P802.11bi CSDs 1.2.2 Compatibility: Both CSDs claim compliance with 802.1Q, without qualification. However, this appears to be based on an incomplete understanding of the scope of 802.1Q. The referenced presentation (19 0851 00, P802.1CQ MAC Address Assignment Requirements) states: P802.1CQ is currently the only 802.1 project dealing with end station behavior Formerly, protocols for end stations were out of scope for 802.1 . This is not the case and has not been the case for many years. 802.1Q includes end station requirements for participation in the MMRP, MVRP, MSRP, CFM, and other protocols. These protocols are important in Time Sensitive Networking environments requiring reliable and timely frame delivery (such as industrial and professional audio networks) and in service provider networks. The reference to 19-0851-00 is misleading. A more complete analysis of the interaction of 802.1 protocols is in an informative annex (following IEEE Std 802E recommendations) Privacy in Bridged Networks to P802.1AEdk/D0.5 (also in first task group ballot). Remove the 19-0851-00 presentation from the list of CSD references. A more detailed response to the 802.1Q compliance question is required. Use of a fixed STA/MAC relationship needs to remain possible throughout the duration of an association. Response: xxx Submission Slide 15 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.3 comments on PARs and CSDs P802.11bh CSD 1.2.2, Compatibility Once approved an amendment becomes part of the base standard, therefore, IEEE Std 802c is part of IEEE Std 802 and should be addressed for this project. Unless a method for restricting the range for random local MAC addresses is specified, randomization is incompatible with the optional SLAP capabilities of Std 802c. This should be addressed here. 1.2.3, Distinct identity See comments on proposed P802.11bi. There is insufficient information discriminating the work on this project and proposed P802.11bi. Response: xxx Submission Slide 16 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.3 comments on PARs and CSDs P802.11bi CSD 1.2.3, Distinct identity There is insufficient information discriminating the work on this project and proposed P802.11bh. P802.11bh seems to be a subset of what this project would allow to be done. Response: xxx Submission Slide 17 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs P802.11bi CSD 1.2.4 Technical Feasibility The P802.11bi CSD (20/1346r2) states under 1.2.4 Technical Feasibility that: The IEEE 802.11 Wireless Next Generation (WNG) Standing Committee (SC) and RCM Topic Interest Group (TIG)/Study Group (SG) have reviewed many presentations indicating that enhancements are technically feasible. These contributions outlined techniques related to privacy to enhance current use cases and enable new ones. However, none of these presentations appear to be referenced in the CSD, and we have not identified them in the RCM study group files on Mentor. The CSD references evaluations of the difficulties faced in improving user privacy (19/588r2, 19/1313r2, 19/1314r2). It is not at present clear that it will be possible to materially improve privacy in the face of a determined attacker who is prepared to correlate information from multiple information elements and other characteristics of device behavior. It is not clear that these improvements will outweigh attendant difficulties in service provision. 802.1 understands that some proprietary attempts to improve privacy related behavior have been beta tested and withdrawn. 802.1 does appreciate that the technical challenges faced in demonstrating feasibility in large scale deployment might not be reasonably addressed within the limited lifetime of a Study Group. However, that is no reason to overstate Technical Feasibility in the CSD. Provide credible references and demonstrate Technical Feasibility. The current set of references do not meet that criteria. TBD Response: Add some sentences about the technical feasibility. The comment is basically correct. Submission Slide 18 Stephen McCann, Huawei

November 2020 doc.: IEEE 802.11-20/1770r1 802.1 comments on PARs and CSDs Both P802.11bh and P802.11bi CSDs References: It is unclear why the presentations 19-0884-00, 19-1027-01, 19-1320-00 are in either, much less both CSDs. P802.11bi concerns privacy exposures beyond the use of persistent source MAC Address, and these presentations are very much focused on MAC Address assignment. The presentations reflect the different and contested views on 802.11aq and 802c on the extent of the randomly chosen MAC address space, but their bearing on the feasibility or otherwise of the proposed PARs is nowhere made clear. Since they promote opposing views it is not clear what conclusion the reader of the CSDs is meant to draw. Remove these three presentations from the references list of both CSDs. Response: xxx Submission Slide 19 Stephen McCann, Huawei