[rfc-dist] RFC 5418 on Control And Provisioning of Wireless Access Points (CAPWAP) Threat Analysis for IEEE 802.11 Deployments
rfc-editor at rfc-editor.org
Thu Mar 5 16:55:45 PST 2009
A new Request for Comments is now available in online RFC libraries.
Title: Control And Provisioning of Wireless
Access Points (CAPWAP) Threat Analysis for
IEEE 802.11 Deployments
Author: S. Kelly, T. Clancy
Date: March 2009
Mailbox: scott at hyperthought.com,
clancy at LTSnet.net
I-D Tag: draft-ietf-capwap-threat-analysis-04.txt
Early Wireless Local Area Network (WLAN) deployments feature a "fat"
Access Point (AP), which serves as a %stand-alone interface between
the wired and wireless network segments. However, this model raises
scaling, mobility, and manageability issues, and the Control and
Provisioning of Wireless Access Points (CAPWAP) protocol is meant to
address these issues. CAPWAP effectively splits the fat AP
functionality into two network elements, and the communication
channel between these components may traverse potentially hostile
hops. This document analyzes the security exposure resulting from
the introduction of CAPWAP and summarizes the associated security
considerations for IEEE 802.11-based CAPWAP implementations and
deployments. This memo provides information for the Internet community.
This document is a product of the Control And Provisioning of Wireless Access Points Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
The RFC Editor Team
USC/Information Sciences Institute
More information about the rfc-dist