draft-ietf-paws-protocol-17.txt   draft-ietf-paws-protocol-18.txt 
PAWS V. Chen, Ed. PAWS V. Chen, Ed.
Internet-Draft Google Internet-Draft Google
Intended status: Standards Track S. Das Intended status: Standards Track S. Das
Expires: March 12, 2015 Applied Communication Sciences Expires: March 26, 2015 Applied Communication Sciences
L. Zhu L. Zhu
Huawei Huawei
J. Malyar J. Malyar
iconectiv iconectiv
P. McCann P. McCann
Huawei Huawei
September 8, 2014 September 22, 2014
Protocol to Access White-Space (PAWS) Databases Protocol to Access White-Space (PAWS) Databases
draft-ietf-paws-protocol-17 draft-ietf-paws-protocol-18
Abstract Abstract
Portions of the radio spectrum that are allocated to licensees are Portions of the radio spectrum that are allocated to licensees are
available for non-interfering use. This available spectrum is called available for non-interfering use. This available spectrum is called
"White Space." Allowing secondary users access to available spectrum "White Space." Allowing secondary users access to available spectrum
"unlocks" existing spectrum to maximize its utilization and to "unlocks" existing spectrum to maximize its utilization and to
provide opportunities for innovation, resulting in greater overall provide opportunities for innovation, resulting in greater overall
spectrum utilization. spectrum utilization.
skipping to change at page 1, line 48 skipping to change at page 1, line 48
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 12, 2015. This Internet-Draft will expire on March 26, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 43 skipping to change at page 3, line 43
9.1.1. Registration Template . . . . . . . . . . . . . . . . 64 9.1.1. Registration Template . . . . . . . . . . . . . . . . 64
9.1.2. Initial Registry Contents . . . . . . . . . . . . . . 66 9.1.2. Initial Registry Contents . . . . . . . . . . . . . . 66
9.2. PAWS Parameters Registry . . . . . . . . . . . . . . . . 72 9.2. PAWS Parameters Registry . . . . . . . . . . . . . . . . 72
9.2.1. Registration Template . . . . . . . . . . . . . . . . 72 9.2.1. Registration Template . . . . . . . . . . . . . . . . 72
9.2.2. Initial Registry Contents . . . . . . . . . . . . . . 72 9.2.2. Initial Registry Contents . . . . . . . . . . . . . . 72
9.3. PAWS Error Code Registry . . . . . . . . . . . . . . . . 74 9.3. PAWS Error Code Registry . . . . . . . . . . . . . . . . 74
9.3.1. Registration Template . . . . . . . . . . . . . . . . 75 9.3.1. Registration Template . . . . . . . . . . . . . . . . 75
9.3.2. Initial Registry Contents . . . . . . . . . . . . . . 75 9.3.2. Initial Registry Contents . . . . . . . . . . . . . . 75
10. Security Considerations . . . . . . . . . . . . . . . . . . . 75 10. Security Considerations . . . . . . . . . . . . . . . . . . . 75
10.1. Assurance of Proper Database . . . . . . . . . . . . . . 77 10.1. Assurance of Proper Database . . . . . . . . . . . . . . 77
10.2. Protection Against Modification . . . . . . . . . . . . 77 10.2. Protection Against Modification . . . . . . . . . . . . 78
10.3. Protection Against Eavesdropping . . . . . . . . . . . . 77 10.3. Protection Against Eavesdropping . . . . . . . . . . . . 78
10.4. Client Authentication Considerations . . . . . . . . . . 78 10.4. Client Authentication Considerations . . . . . . . . . . 78
11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 78 11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 79
12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 79 12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 79
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 79 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 79
13.1. Normative References . . . . . . . . . . . . . . . . . . 79 13.1. Normative References . . . . . . . . . . . . . . . . . . 79
13.2. Informative References . . . . . . . . . . . . . . . . . 80 13.2. Informative References . . . . . . . . . . . . . . . . . 80
Appendix A. Database Listing Server Support . . . . . . . . . . 81 Appendix A. Database Listing Server Support . . . . . . . . . . 81
Appendix B. Changes / Author Notes. . . . . . . . . . . . . . . 82 Appendix B. Changes / Author Notes. . . . . . . . . . . . . . . 82
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 90 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 90
1. Introduction 1. Introduction
skipping to change at page 77, line 21 skipping to change at page 77, line 21
o Assurance of Proper Database (Section 10.1) o Assurance of Proper Database (Section 10.1)
o Protection Against Modification (Section 10.2) o Protection Against Modification (Section 10.2)
o Protection Against Eavesdropping (Section 10.3) o Protection Against Eavesdropping (Section 10.3)
Any specification for an alternate transport MUST define mechanisms Any specification for an alternate transport MUST define mechanisms
that ensure each of these steps. that ensure each of these steps.
In addition to the privacy risks described above, information
provided in DeviceDescriptor (Section 5.2) and DeviceOwner
(Section 5.5), along with device location, may allow a Database
administrator to track the activity and location of a device and its
user over time. Risks of secondary use of such tracking information,
including sharing with third parties, require out-of-band mitigation,
such as public statements or contractual terms. Furthermore, while
it is understandable that regulators require DeviceOwner information
for higher-power fixed white space devices, for privacy concerns,
regulators should not require DeviceOwner information for mobile
devices.
10.1. Assurance of Proper Database 10.1. Assurance of Proper Database
This document assumes that the Database is contacted using a domain This document assumes that the Database is contacted using a domain
name or an IP address. Using HTTP over TLS, the Database name or an IP address. Using HTTP over TLS, the Database
authenticates its identity, either as a domain name or IP address, to authenticates its identity, either as a domain name or IP address, to
the Master Device by presenting a certificate containing that the Master Device by presenting a certificate containing that
identifier as a "subjectAltName" (i.e., as a dNSName or IP address). identifier as a "subjectAltName" (i.e., as a dNSName or IP address).
If the Master Device has external information as to the expected If the Master Device has external information as to the expected
identity or credentials of the proper database (e.g., a certificate identity or credentials of the proper database (e.g., a certificate
fingerprint), checks of the subjectAltName MAY be omitted. Note that fingerprint), checks of the subjectAltName MAY be omitted. Note that
 End of changes. 7 change blocks. 
7 lines changed or deleted 19 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/