Capwap Mailing List: RE: Response to LWAPP Security Review

[Pat Calhoun (pcalhoun]

Title: Re: [Capwap] Response to LWAPP Security Review

Actually, I agree, and the issues raised in the review state that the specification needs to have clarifying text to ensure that other implementations do things right. As I mentioned below, we will be adding such text to ensure that the document is very clear, minimizing the possibility of 3rd party implementors being vulnerable to the issues mentioned.

 

Your voice is heard.

Pat Calhoun
CTO, Wireless Networking Business Unit
Cisco Systems

 

---

From: capwap-admin [at] frascone.com [mailto:capwap-admin [at] frascone.com] On Behalf Of Agcaoili, Philip
Sent: Friday, May 13, 2005 4:34 PM
To: 'capwap [at] frascone.com'
Subject: Re: [Capwap] Response to LWAPP Security Review

So to summarize, you appear to be saying that LWAPP security depends from implementation to implementation of the draft.

I'd like to be the voice of reason here and ask as a customer that the IETF specification is explicit enough to reasonably ensure that every implementation of the spec is secure.

Thanks,

Philip Agcaoili
Chief Security Architect
Enterprise Information Protection
Scientific-Atlanta, Inc.

- - - - - - - Appended by Scientific-Atlanta, Inc. - - - - - - -
This e-mail and any attachments may contain information which is confidential, proprietary, privileged or otherwise protected by law. The information is solely intended for the named addressee (or a person responsible for delivering it to the addressee). If you are not the intended recipient of this message, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete it from your computer.