Tech-invite3GPPspecsSIPRFCs
Overview21222324252627282931323334353637384‑5x

Content for  TS 23.003  Word version:  16.3.0

Top   Top   Up   Prev   Next
1…   2…   2.8…   3…   4…   5…   6…   7…   8…   9…   10…   11   12…   13…   14…   15…   16…   17…   18…   19…   19.4…   19.5…   20…   21…   22…   23…   24…   25…   26…   27…   28…   28.4…   28.7…   29…   A…   B…   C…   D   E…

 

28.7  Network Access Identifier (NAI)Word‑p. 117

28.7.1  Introduction

This clause describes the NAI formats used in the 5G System.

28.7.2  NAI format for SUPI

The NAI for SUPI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542.
A SUPI containing a network specific identifier shall take the form of a Network Access Identifier (NAI). See clause 5.9.2 of TS 23.501 for the definition and use of the network specific identifier.
See clauses 28.15.2 and 28.16.2 for the NAI format for a SUPI containing a GCI or a GLI.
Up

28.7.3  NAI format for SUCI

When the SUPI is defined as a Network Specific Identifier, the SUCI shall take the form of a Network Access Identifier (NAI). In this case, the NAI format of the SUCI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542, where the realm part shall be identical to the realm part of the Network Specific Identifier.
When the SUPI is defined as an IMSI, the SUCI in NAI format shall have the form username without a realm part as specified in clause 2.2 of IETF RFC 7542.
The username part of the NAI shall take one of the following forms:
  1. for the null-scheme:
    type<supi type>.rid<routing indicator>.schid<protection scheme id>.userid<MSIN or Network Specific Identifier SUPI username>
  2. for the Scheme Output for Elliptic Curve Integrated Encryption Scheme Profile A and Profile B:
    type<supi type>.rid<routing indicator>.schid<protection scheme id>.hnkey<home network public key id>.ecckey<ECC ephemeral public key value>.cip<ciphertext value>.mac<MAC tag value>
  3. for HPLMN proprietary protection schemes:
    type<supi type>.rid<routing indicator>.schid<protection scheme id>.hnkey<home network public key id>. out<HPLMN defined scheme output>
    See clause 2.2B for the definition and format of the different fields of the SUCI.
Examples:
Assuming the IMSI 234150999999999, where MCC=234, MNC=15 and MSISN=0999999999, the Routing Indicator 678, and a Home Network Public Key Identifier of 27, the NAI format for the SUCI takes the form:
  • for the null-scheme:
    type0.rid678.schid0.userid0999999999
  • for the Profile <A> protection scheme:
    type0.rid678.schid1.hnkey27.ecckey<ECC ephemeral public key>.cip< encryption of 0999999999>.mac<MAC tag value>
Assuming the Network Specific Identifier user17@example.com, the Routing Indicator 678, and a Home Network Public Key Identifier of 27, the NAI format for the SUCI takes the form:
  • for the null-scheme:
    type1.rid678.schid0.useriduser17@example.com
  • for the Profile <A> protection scheme:
    type1.rid678.schid1.hnkey27.ecckey<ECC ephemeral public key>.cip< encryption of user17>.mac<MAC tag value>@example.com
See clauses 28.15.5 and 28.16.5 for the NAI format for a SUCI containing a GCI or a GLI.
Up

28.7.4  Emergency NAI for Limited Service StateWord‑p. 118
This clause describes the format of the UE identification when UE is performing an emergency registration and IMSI is not available or not authenticated.
The Emergency NAI for Limited Service State shall take the form of an NAI, and shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542. The exact format shall be:
  • imei<IMEI>@sos.invalid
or if IMEI is not available,
  • mac<MAC>@sos.invalid
For example, if the IMEI is 219551288888888, the Emergency NAI for Limited Service State then takes the form of imei219551288888888@sos.invalid.
For example, if the MAC address is 44-45-53-54-00-AB, the Emergency NAI for Limited Service State then takes the form of mac4445535400AB@sos.invalid, where the MAC address is represented in hexadecimal format without separators.
Up

28.7.5  Alternative NAI

The Alternative NAI shall take the form of a NAI, i.e. 'any_username@realm' as specified of RFC 7542. The Alternative NAI shall not be routable from any AAA server.
The Alternative NAI shall contain a username part that is not a null string.
The realm part of the NAI shall be "unreachable.3gppnetwork.org".
The result shall be an NAI in the form of:
"<any_non_null_string>@unreachable.3gppnetwork.org".

28.7.6  NAI used for 5G registration via trusted non-3GPP access |R16|

While performing the EAP-authentication procedure when a UE attempts to register to 5GCN via a trusted non-3GPP access network (see clause 4.12a in TS 23.502), the UE shall use a NAI in the following format:
  • "<any_non_null_string>@nai.5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org"
Where:
  1. the username part <any_non_null_string> is any non null string; and
  2. the <MNC> and <MCC> identify the PLMN (either HPLMN or VPLMN) to which the UE attempts to connect via the trusted non-3GPP access as described in clause 6.3.12 of TS 23.501.
Up

28.7.7  NAI used by N5CW devices via trusted non-3GPP access |R16|Word‑p. 119
While performing the EAP authentication procedure when a non 5G capable over WLAN (N5CW) device attempts to register to 5GCN via a trusted non-3GPP access network (see clause 4.12b in TS 23.502), the N5CW device shall use a NAI in the following format:
  • "<5G_device_unique_identity>@nai.5gc-nn.mnc<MNC>.mcc<MCC>.3gppnetwork.org"
Where:
  1. the username part <5G_device_unique_identity> is to identify the N5CW device and contains either:
    • SUCI as defined as the username part of the NAI format in clause 28.7.3, if the UE is not registred to 5GCN via NG-RAN; or
    • 5G-GUTI as defined as the username part of the NAI format in clause 28.7.8, if the N5CW device is registred to 5GCN via NG-RAN; and
  2. the <MNC> and <MCC> identify the PLMN (either HPLMN or VPLMN) to which the N5CW device attempts to connect via the trusted non-3GPP access as described in clause 6.3.12 of TS 23.501.
  3. Editor's note: It is assumed that an N5CW device has a USIM. Whether the N5CW device has a USIM or not is FFS.
Up

28.7.8  NAI format for 5G-GUTI |R16|

The NAI format of the 5G-GUTI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542.
The username part of the NAI shall take the following form:
tmsi<5G-TMSI>.pt<AMF Pointer>.set<AMF Set Id>.region<AMF Region Id>
<5G-TMSI>, <AMF Pointer>, <AMF Set Id> and <AMF Region Id> are the hexadecimal strings of the 5G-TMSI, AMF Pointer, AMF Set ID and AMF Region ID. If there are less than 8 significant digits in <5G-TMSI>, "0" digit(s) shall be inserted at the left side to fill the 8 digits coding. If there are less than 2 significant digits in <AMF Pointer> or <AMF Region Id>, "0" digit(s) shall be inserted at the left side to fill the 2 digits coding of the AMF Pointer or AMF Region Id respectively. If there are less than 3 significant digits in <AMF Set Id>, "0" digit(s) shall be inserted at the left side to fill the 3 digits coding.
Example:
Assuming 5G-TMSI = 06666666 (hexadecimal), AMF Pointer=12 (hexadecimal), AMF Set = 001 (hexadecimal), AMF Region = 48 (hexadecimal), the username part of the NAI is encoded as:
  • "tmsi06666666.pt12.set001.region48"
The NAI for an N5CW device in a PLMN (either HPLMN or VPLMN) with MNC=012 and MCC=345, to which the N5CW device attempts to connect via the trusted non-3GPP access, according to clause 28.7.7 is:
    "tmsi06666666.pt12.set001.region48@nai.5gc-nn.mnc012.mcc345.3gppnetwork.org"
Up

28.8  Generic Public Subscription Identifier (GPSI)Word‑p. 120
The Generic Public Subscription Identifier (GPSI) is defined in clause 5.9.8 of TS 23.501.
The GPSI is defined as:
  • a GPSI type: in this release of the specification, it may indicate an MSISDN or an External Identifier; and
  • dependent on the value of the GPSI type:
Up

28.9  Internal-Group Identifier

Internal-Group Identifier is a network internal globally unique ID which identifies a set of SUPIs (e.g. MTC devices) from a given network that are grouped together for one specific group related service (see TS 23.501, clause 5.9.7).
An Internal-Group Identifier shall be composed in the same way as IMSI-Group Identifier (see clause 19.9).
If a 5G subscriber's IMSI belongs to an IMSI-Group identified by a given IMSI-Group Identifier X, the IMSI shall also belong to the Internal-Group identified by the Internal-Group Identifier X.
Up

28.10  Presence Reporting Area Identifier (PRA ID)

The Presence Reporting Area Identifier (PRA ID) is used to identify a Presence Reporting Area (PRA).
PRAs can be used for reporting changes of UE presence in a PRA, e.g. for policy control or charging decisions. See TS 23.501 and TS 23.503.
A PRA is composed of a short list of TAs and/or NG-RAN nodes and/or cells identifiers in a PLMN.A PRA can be:
  • either a "UE-dedicated PRA", defined in the subscriber profile;
  • or a "Core Network predefined PRA", pre-configured in AMF.
PRA IDs used to identify "Core Network predefined PRAs" shall not be used for identifying "UE-dedicated PRAs".
The same PRA ID may be used for different UEs to identify different "UE-dedicated PRAs", i.e. PRA IDs may overlap between different UEs, while identifying different "UE-dedicated PRAs".
The PRA ID shall be formatted as an integer within the following ranges:
  • 0 .. 8 388 607 for UE-dedicated PRA
  • 8 388 608 to 16 777 215 for Core Network predefined PRA.
Up

28.11  CAG-Identifier |R16|

A Closed Access Group (CAG) within a PLMN is uniquely identified by a CAG-Identifier (see TS 23.501).
The CAG-Identifier shall be a fixed length 32 bit value.

28.12  NF Set Identifier (NF Set ID) |R16|Word‑p. 121
A NF Set Identifier is a globally unique identifier of a set of equivalent and interchangeable CP NFs from a given network that provide distribution, redundancy and scalability (see clause 5.21.3 of TS 23.501).
An NF Set Identifier shall be constructed from the MCC, MNC, NID (for SNPN), NF type and a Set ID.
A NF Set Identifier shall be formatted as the following string:
  • set<Set ID>.<nftype>set.5gc.mnc<MNC>.mcc<MCC> for a NF Set in a PLMN, or
  • set<Set ID>.<nftype>set.5gc.nid<NID>.mnc<MNC>.mcc<MCC> for a NF Set in a SNPN.
where:
  • the <MCC> and <MNC> shall identify the PLMN of the NF Set and shall be encoded as follows:
    • <MCC> = 3 digits
    • <MNC> = 3 digits
    If there are only 2 significant digits in the MNC, one "0" digit shall be inserted at the left side to fill the 3 digits coding of MNC.
  • the Network Identifier (NID) shall be encoded as hexadecimal digits as specified in clause 12.7.
  • the <NFType> shall identify the NF type of the NFs within the NF set and shall be encoded as a value of Table 6.1.6.3.3-1 of TS 29.510 but with lower case characters;
  • the Set ID shall be a NF type specific Set ID within the PLMN, chosen by the operator, that shall consist of alphabetic characters (A-Z and a-z), digits (0-9) and/or the hyphen (-) and that shall end with either an alphabetic character or a digit;
  • the case of alphabetic characters is not significant (i.e. two NF Set IDs with the same characters but using different lower and upper cases identify the same NF Set).
    For an AMF set, the Set ID shall be set to "<AMF Set ID>.region<AMF Region ID>", with the AMF Region ID and AMF Set ID encoded as defined in TS 29.571.
EXAMPLE 1:
setxyz.smfset.5gc.mnc012.mcc345
EXAMPLE 2:
set12.pcfset.5gc.mnc012.mcc345
EXAMPLE 3:
set1.region48.amfset.5gc.mnc012.mcc345 (for AMF Region 48 (hexadecimal) and AMF Set 1)
EXAMPLE 4:
setxyz.smfset.5gc.nid000007ed9d5.mnc012.mcc345 for a SNPN with the NID 000007ed9d5 (hexadecimal).
FQDN.
NF Instances of an NF Set are equivalent and share the same MCC, MNC, NID (for SNPN), NF type and NF Set ID.
Up

28.13  NF Service Set Identifier (NF Service Set ID) |R16|

A NF Service Set Identifier is a globally unique identifier of a set of equivalent and interchangeable CP NF service instances within a NF instance from a given network that provide distribution, redundancy and scalability (see clause 5.21.3 of TS 23.501).
An NF Service Set Identifier shall be constructed from the MCC, MNC, NID (for SNPN), NF instance Identifier, service name and a Set ID.
A NF Service Set Identifier shall be formatted as the following string:
  • set<Set ID>.sn<Service Name>.nfi<NF Instance ID>.5gc.mnc<MNC>.mcc<MCC> for a NF Service Set in a PLMN, or
  • set<Set ID>.sn<Service Name>.nfi<NF Instance ID>.5gc.nid<NID>.mnc<MNC>.mcc<MCC> for a NF Service Set in a SNPN.
where:
  • the <MCC> and <MNC> shall identify the PLMN of the NF Service Set and shall be encoded as follows:
    • <MCC> = 3 digits
    • <MNC> = 3 digits
    If there are only 2 significant digits in the MNC, one "0" digit shall be inserted at the left side to fill the 3 digits coding of MNC.
  • the Network Identifier (NID) shall be encoded as hexadecimal digits as specified in clause 12.7.
  • the NFInstanceID shall identify the NF instance of the NF Service set, as defined by TS 23.501 and TS 29.510;
  • the ServiceName shall identify the NF service of the NF Service set, as defined by TS 29.510;
  • the Set ID shall be a service specific Set ID within the NF instance, chosen by the operator that shall consist of alphabetic characters (A-Z and a-z), digits (0-9) and/or the hyphen (-) and that shall end with either an alphabetic character or a digit;
  • the case of alphabetic characters is not significant (i.e. two NF Service Set IDs with the same characters but using different lower and upper cases identify the same NF Service Set).
EXAMPLE 1:
setxyz.snnsmf-pdusession.nfi54804518-4191-46b3-955c-ac631f953ed8.5gc.mnc012.mcc345
EXAMPLE 2:
set2.snnpcf-smpolicycontrol.nfi54804518-4191-46b3-955c-ac631f953ed8.5gc.mnc012.mcc345
EXAMPLE 3:
setxyz.snnsmf-pdusession.nfi54804518-4191-46b3-955c-ac631f953ed8.5gc.nid000007ed9d5.mnc012.mcc345 for a SNPN with the NID 000007ed9d5 (hexadecimal).
NF service instances from different NF instances are equivalent NF service instances if they share the same MCC, MNC, NID (for SNPN), ServiceName and Set ID.
NF Service Sets belonging to different NF Instances are said to be equivalent, if they share the same MCC, MNC, NID (for SNPN), ServiceName and Set ID.
Up

28.14  Data Network Access Identifier (DNAI) |R16|Word‑p. 122
A Data Network Access Identifier (DNAI) is an operator defined identifier of a user plane access to one or more DN(s) where applications are deployed (see clauses 3.1 and 5.6.7 in TS 23.501). The same DN may also be referred to by multiple DNAIs.
DNAI is represented as an operator specific string (see clause A.2 in TS 29.571. The format of the DNAI is defined by the operator and is not standardized.
Up

28.15  Global Cable Identifier (GCI) |R16|Word‑p. 123

28.15.1  Introduction

This clause describes the GCI formats used in the 5G System.

28.15.2  NAI format for SUPI containing a GCI

A SUPI containing a GCI shall take the form of a Network Access Identifier (NAI).
The NAI for SUPI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542, where:
  • the username part shall be the GCI, as defined in clause 28.15.4;
  • the realm part shall identify the operator owning the subscription; if the operator owns a PLMN ID, the realm part should be in the form:
    "5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org"
EXAMPLE 1:
00-00-5E-00-53-00@5gc.mnc012.mcc345.3gppnetwork.org
EXAMPLE 2:
00-00-5E-00-53-00@operator.com
Up

28.15.3  User Location Information for RG accessing the 5GC via W-5GCAN (HFC Node ID)

The User Location information for a 5G-CRG/FN-CRG accessing the 5GC via a Wireline 5G Cable Access network (W-5GCAN) shall take the form of an HFC Node ID. The HFC Node ID consists of a string of up to six characters as specified in CableLabs WR-TR-5WWC-ARCH [134].

28.15.4  GCI

The GCI uniquely identifies the line connecting the 5G-CRG or FN-CRG to the 5GS.
The GCI is a variable length opaque identifier, encoded as specified in CableLabs WR-TR-5WWC-ARCH [134] and CableLabs DOCSIS MULPI [135]. It shall comply with the syntax specified in clause 2.2 of IETF RFC 7542 for the username part of a NAI.
EXAMPLE:
00-00-5E-00-53-00
Up

28.15.5  NAI format for SUCI containing a GCI

The SUCI containing a GCI shall take the form of a Network Access Identifier (NAI).
The NAI format of the SUCI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542, where the realm part shall be identical to the realm part of the SUPI (see clause 28.15.2).
The username part of the NAI shall be encoded as specified for the null-scheme in clause 28.7.3, i.e. it shall take the following form:
type3.rid0.schid0.userid<username>
where the username shall be encoded as the username part of the SUPI (see clause 28.15.2).
EXAMPLE 1:
type3.rid0.schid0.userid00-00-5E-00-53-00@5gc.mnc012.mcc345.3gppnetwork.org
EXAMPLE 2:
type3.rid0.schid0.userid00-00-5E-00-53-00@operator.com
Up

28.16  Global Line Identifier (GLI) |R16|Word‑p. 124

28.16.1  Introduction

This clause describes the GLI formats used in the 5G System.

28.16.2  NAI format for SUPI containing a GLI

A SUPI containing a GLI shall take the form of a Network Access Identifier (NAI).
The NAI for SUPI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542, where:
  • the username part shall be the GLI, as defined in clause 28.16.4;
  • the realm part shall identify the operator owning the subscription; if the operator owns a PLMN ID, the realm part should be in the form:
    • "5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org"
Up

28.16.3  User Location Information for RG accessing the 5GC via W-5GBAN

The User Location information for a 5G-BRG/FN-BRG accessing the 5GC via a Wireline BBF Access Network (W-5GBAN) shall take the form of a GLI as defined in clause 28.16.4.

28.16.4  GLI

The GLI uniquely identifies the line connecting the 5G-BRG or FN-BRG to the 5GS.
The GLI is a variable length opaque identifier, consisting of a string of up to 200 base64-encoded characters, representing the GLI value (up to 150 bytes) encoded as specified in BBF WT-470 [133].

28.16.5  NAI format for SUCI containing a GLI

The SUCI containing a GLI shall take the form of a Network Access Identifier (NAI).
The NAI format of the SUCI shall have the form username@realm as specified in clause 2.2 of IETF RFC 7542, where the realm part shall be identical to the realm part of the SUPI (see clause 28.16.2).
The username part of the NAI shall be encoded as specified for the null-scheme in clause 28.7.3, i.e. it shall take the following form:
type2.rid0.schid0.userid<username>
Up

28.17  DNS subdomain for operator usage in 5GC

The 5GC nodes DNS subdomain (DNS zone) shall be derived from the MNC and MCC by adding the label "node" to the beginning of the Home Network Domain for 5GC (see clause 28.2) and shall be constructed as:
node.5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org
This DNS subdomain is formally placed into the operator's control. 3GPP shall never take this DNS subdomain back or any zone cut/subdomain within it for any purpose. As a result the operator can safely provision any DNS records it chooses under this subdomain without concern about future 3GPP standards encroaching on the DNS names within this zone.
Up

Up   Top   ToC