This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Harald Welte laforge at gnumonks.orgHi Lennart, On Tue, Oct 18, 2011 at 08:18:24AM +0200, Lennart Müller wrote: > we own a frequency usage licence from the Bundesnetzagentur and ran our > network with auth policy token. So every new phone trying to attach to our > network will receive a SMS with information how to register and a token. > Thereafter, the phone is kicked out and will no longer be able to register > again. > Now there was a problem with some phones from Cupertino which, as I heard, > registered to our network, received the SMS, were kicked out again but did not > try to re-register with their home network. So some "nice" guys threaten to > call the Bundesnetzagentur if we will not shut down the network immediately. we have only used the "Auth Token" mechanism in the Netherlands, where the regulatory authority didn't make any complaint. However, I remember some people with the (then not all-omnipresent) iPhone reporting some issues. In order to be on the safe side, we started issuing our own sim cards at CCC Congress and related events. This means that people have to obtain such a card before being able to acces the network. I believe legally, this is the better situation anyway, as the "real operator" SIM card in their device belongs to their "real operator", and we don't know the details of the agreement they have with their operator. They could have some fine print that that SIM is only permitted to be used with roaming partners of the "real operator". So by not accepting foreign SIM cards, we make sure nobody is violating such terms. Furthermore, we can of course use A3/A8 and as a result also A5/1, if we want. > My question is: Are there really legal problems when using the "Auth Token" > policy? The fact that we have the auth-token (or any other) functionality in our software doesn't mean that it is safe to run it, or that you will hve legal guarantees about regulatory approval in any jurisdiction! Regards, Harald -- - Harald Welte <laforge at gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)