Capwap Mailing List: Re: Response to LWAPP Security Review

[Charles Clancy (clancy]

In the current draft, there is some ambiguity on how 802.11 roaming should 
be implemented with respect to the 11i TSK.  The draft defines all the 
messages to be passed back and forth, but not how these affect the policy 
and state on the WTP and AC as they interact with 802.11i.  The most 
direct way to implement the protocol could yield a system vunerable to 
denial of service attacks.

As the Pat stated, they plan to address this problem by adding text 
clarifying this process.

[ t. charles clancy ]--[ tcc [at] umd.edu ]--[ www.cs.umd.edu/~clancy ]
[ computer science ]-----[ university of maryland | college park ]


On Fri, 13 May 2005, Agcaoili, Philip wrote:

> So to summarize, you appear to be saying that LWAPP security depends from
> implementation to implementation of the draft.
>
> I'd like to be the voice of reason here and ask as a customer that the IETF
> specification is explicit enough to reasonably ensure that every
> implementation of the spec is secure.
>
> Thanks,
>
> Philip Agcaoili
> Chief Security Architect
> Enterprise Information Protection
> Scientific-Atlanta, Inc.
>
>
>     - - - - - - -  Appended by Scientific-Atlanta, Inc.  - - - - - - -
> This e-mail and any attachments may contain information which is confidential, 
> proprietary, privileged or otherwise protected by law. The information is 
> solely intended for the named addressee (or a person responsible for delivering 
> it to the addressee). If you are not the intended recipient of this message, 
> you are not authorized to read, print, retain, copy or disseminate this message 
> or any part of it. If you have received this e-mail in error, please notify the 
> sender immediately by return e-mail and delete it from your computer.