| RE: Response to LWAPP Security Review | <– Date –> <– Thread –> |
From: Agcaoili, Philip (Philip.Agcaoili sciatl.com)
|
|
| Date: Sun, 15 May 2005 16:13:51 -0400 (EDT) | |
This is great to hear.
It also seems like we're adding complexity to this working group by reinventing the wheel. Why bother fixing something that's been solved many times already? This working group should reusing other standards-based, well understood, and battle-proven methods such as IKE with IPSec or TLS with certificates?
Thanks,
Philip Agcaoili
Chief Security Architect
Enterprise Information Protection
Scientific-Atlanta, Inc.
-----Original Message-----
From: Pat Calhoun
To: 'Agcaoili, Philip'; capwap [at] frascone.com
Sent: 5/14/2005 12:12 AM
Subject: RE: [Capwap] Response to LWAPP Security Review
Actually, I agree, and the issues raised in the review state that the
specification needs to have clarifying text to ensure that other
implementations do things right. As I mentioned below, we will be adding
such text to ensure that the document is very clear, minimizing the
possibility of 3rd party implementors being vulnerable to the issues
mentioned.
Your voice is heard.
Pat Calhoun
CTO, Wireless Networking Business Unit
Cisco Systems
_____
From: capwap-admin [at] frascone.com [mailto:capwap-admin [at] frascone.com] On
Behalf Of Agcaoili, Philip
Sent: Friday, May 13, 2005 4:34 PM
To: 'capwap [at] frascone.com'
Subject: Re: [Capwap] Response to LWAPP Security Review
So to summarize, you appear to be saying that LWAPP security depends
from implementation to implementation of the draft.
I'd like to be the voice of reason here and ask as a customer that the
IETF specification is explicit enough to reasonably ensure that every
implementation of the spec is secure.
Thanks,
Philip Agcaoili
Chief Security Architect
Enterprise Information Protection
Scientific-Atlanta, Inc.
- - - - - - - Appended by Scientific-Atlanta, Inc. - - - - - - -
This e-mail and any attachments may contain information which is
confidential, proprietary, privileged or otherwise protected by law. The
information is solely intended for the named addressee (or a person
responsible for delivering it to the addressee). If you are not the
intended recipient of this message, you are not authorized to read,
print, retain, copy or disseminate this message or any part of it. If
you have received this e-mail in error, please notify the sender
immediately by return e-mail and delete it from your computer.
-
Response to LWAPP Security Review Pat Calhoun, May 13 2005
-
Re: Response to LWAPP Security Review Agcaoili, Philip, May 13 2005
- Re: Response to LWAPP Security Review Charles Clancy, May 13 2005
- RE: Response to LWAPP Security Review Pat Calhoun, May 13 2005
- RE: Response to LWAPP Security Review Agcaoili, Philip, May 15 2005
- RE: Response to LWAPP Security Review Charles Clancy, May 16 2005
-
Re: Response to LWAPP Security Review Agcaoili, Philip, May 13 2005
- RE: Response to LWAPP Security Review Darren Loher, May 16 2005
Results generated by Tiger Technologies using MHonArc.