The IESG has approved the following document: - 'CAPWAP Threat Analysis for IEEE 802.11 Deployments ' <draft-ietf-capwap-threat-analysis-04.txt> as an Informational RFC This document is the product of the Control And Provisioning of Wireless Access Points Working Group. The IESG contact persons are Dan Romascanu and Ron Bonica. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-capwap-threat-analysis-04.txt Technical Summary Early Wireless Local Area Network (WLAN) deployments feature a "fat" Access Point (AP) which serves as a stand-alone interface between the wired and wireless network segments. However, this model raises scaling, mobility, and manageability issues, and the Control and Provisioning for Wireless Access Points (CAPWAP) protocol is meant to address these issues. CAPWAP effectively splits the fat AP functionality into two network elements, and the communication channel between these components may traverse potentially hostile hops. This document analyzes the security exposure resulting from the introduction of CAPWAP, and summarizes the associated security considerations for IEEE 802.11-based CAPWAP implementations and Working Group Summary This document represents a very strong consensus of the WG. Many analyses and concerns raised in the WG by the Security Advisors for WG have been painstakingly addressed in the CAPWAP base & binding protocol drafts. This document reflects well the state of the security model of the resulting CAPWAP protocol. Document Quality This document has been very well-reviewed. The draft itself is authored by both the Security Advisors to the WG. In addition to a lot of review within the WG rhe doument got an early secdir review (Joe Salowey) and received considerable ananlysis and feedback including the Security AD as well as the IETF chair. Gonzalo Camarillo performed the GenART review and Dan Romascanu the OPS AD review. All issues raised during the course of these reviews were carefully tracked in an issue tracker and fully addressed. Personnel Mahalingam Mani is the document shepherd and Dan Romascanu is the responsible Area Director. RFC Editor Note 1. Add to Section 1 the following: 1.2 Notations The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. 2. Add RFC2119 to the Normative References. 3. Expand CAPWAP in the document title. 4. Remove [RC4017] from the Informative References list. 5. In Section 13: OLD: This document outlines a threat analysis for CAPWAP NEW: This document outlines a threat analysis for CAPWAP, in the context of IEEE 802.11 deployments _______________________________________________ IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
