I’ve taken a look at IMS lately and ways to access the IMS from non 3GPP networks such as Wifi hotspots and Wifi at home. Looks like 3GPP TS 23.234 and TS 33.234 contains everything required for the purpose. The first major building block of I-WLAN (Wireless Local Area Network interworking) is how the subscriber database of a 2G/3G network can be used to authenticate Wifi users that have a device with built in GSM/UMTS SIM card. For this purpose EAP/AKA or EAP/SIM is used. For EAP-SIM I’ve written a blog entry some time ago. The standard also foresees methods for the access point to deliver billing information to the 3GPP network.
What I didn’t realize at that time was that the second building block in those two documents is a method to establish an IPSec encryption tunnel between a mobile device and a gateway between an external network (e.g. the Internet) and the 3GPP core network which hosts an IMS. This gateway is called the Packet Data Gateway (PDG). The standard even says that the IPsec tunnel setup can be used without the above mentioned EAP-SIM authentication step. That’s good news as the EAP-SIM authentication requires support of the Wifi Access point while the tunnel establishment is transparent to the Wifi access point.
So let’s see maybe we’ll see 3G+/Wifi IMS devices with the ability to establish an IPSec tunnel over Wifi to the IMS of their wireless operator. Great stuff for mobile operators with DSL assets.