摘要 |
In one exemplary and non-limiting aspect thereof this invention provides a method to execute a bootstrapping procedure between a node, such as a MN, and a wireless network (WN). The method includes sending the WN a first message that contains a list of authentication mechanisms supported by the MN; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the MN, and including in a first response message to the MN information pertaining to the determined authentication mechanism; and sending a second message to the WN that is at least partially integrity, the second message containing the list of authentication mechanisms that the MN supports in an integrity protected form. If authentication is successful, and if the list received in the second message matches the list received in the first message, the method further includes responding to the MN with a second response message that is at least partially integrity protected, where the second response message contains an indication of the selected authentication mechanism in an integrity protected form; and receiving the successful response message and verifying that the authentication mechanism used by the MN matches the authentication mechanism selected by the WN.
|