draft-ietf-capwap-protocol-binding-ieee80211-09.txt   draft-ietf-capwap-protocol-binding-ieee80211-10.txt 
Network Working Group P. Calhoun, Editor Network Working Group P. Calhoun, Editor
Internet-Draft Cisco Systems, Inc. Internet-Draft Cisco Systems, Inc.
Intended status: Standards Track M. Montemurro, Editor Intended status: Standards Track M. Montemurro, Editor
Expires: March 23, 2009 Research In Motion Expires: March 23, 2009 Research In Motion
D. Stanley, Editor D. Stanley, Editor
Aruba Networks Aruba Networks
September 19, 2008 September 19, 2008
CAPWAP Protocol Binding for IEEE 802.11 CAPWAP Protocol Binding for IEEE 802.11
draft-ietf-capwap-protocol-binding-ieee80211-09 draft-ietf-capwap-protocol-binding-ieee80211-10
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 70, line 8 skipping to change at page 70, line 8
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
A: WTP supports AES-CCMP, as defined in [IEEE.802-11.2007]. A: WTP supports AES-CCMP, as defined in [IEEE.802-11.2007].
T: WTP supports TKIP and Michael, as defined in [IEEE.802-11.2007] T: WTP supports TKIP and Michael, as defined in [IEEE.802-11.2007]
and [WPA], respectively. and [WPA], respectively.
9. Security Considerations 9. Security Considerations
This section describes security considerations for using IEEE 802.11 This section describes security considerations for using IEEE 802.11
with the CAPWAP protocol. with the CAPWAP protocol. A complete threat analysis of the CAPWAP
protocol can also be found in [I-D.ietf-capwap-threat-analysis]
9.1. IEEE 802.11 Security 9.1. IEEE 802.11 Security
When used with an IEEE 802.11 infrastructure with WEP encryption, the When used with an IEEE 802.11 infrastructure with WEP encryption, the
CAPWAP protocol does not add any new vulnerabilities. Derived CAPWAP protocol does not add any new vulnerabilities. Derived
session keys between the STA and WTP can be compromised, resulting in session keys between the STA and WTP can be compromised, resulting in
many well-documented attacks. Implementers SHOULD discourage the use many well-documented attacks. Implementers SHOULD discourage the use
of WEP and encourage use of technically sound cryptographic solutions of WEP and encourage use of technically sound cryptographic solutions
such as those in an IEEE 802.11 RSN. such as those in an IEEE 802.11 RSN.
skipping to change at page 78, line 39 skipping to change at page 78, line 39
12.2. Informational References 12.2. Informational References
[RFC4017] Stanley, D., Walker, J., and B. Aboba, "Extensible [RFC4017] Stanley, D., Walker, J., and B. Aboba, "Extensible
Authentication Protocol (EAP) Method Requirements for Authentication Protocol (EAP) Method Requirements for
Wireless LANs", RFC 4017, March 2005. Wireless LANs", RFC 4017, March 2005.
[RFC4118] Yang, L., Zerfos, P., and E. Sadot, "Architecture Taxonomy [RFC4118] Yang, L., Zerfos, P., and E. Sadot, "Architecture Taxonomy
for Control and Provisioning of Wireless Access Points for Control and Provisioning of Wireless Access Points
(CAPWAP)", RFC 4118, June 2005. (CAPWAP)", RFC 4118, June 2005.
[I-D.ietf-capwap-threat-analysis]
Kelly, S. and C. Clancy, "CAPWAP Threat Analysis for IEEE
802.11 Deployments", draft-ietf-capwap-threat-analysis-04
(work in progress), September 2008.
[WPA] "Deploying Wi-Fi Protected Access (WPA) and WPA2 in the [WPA] "Deploying Wi-Fi Protected Access (WPA) and WPA2 in the
Enterprise", March 2005, <www.wi-fi.org>. Enterprise", March 2005, <www.wi-fi.org>.
[WMM] "Support for Multimedia Applications with Quality of [WMM] "Support for Multimedia Applications with Quality of
Service in WiFi Networks)", September 2004, <www.wi- Service in WiFi Networks)", September 2004, <www.wi-
fi.org>. fi.org>.
Editors' Addresses Editors' Addresses
Pat R. Calhoun Pat R. Calhoun
 End of changes. 3 change blocks. 
2 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/