Message612

Issues
Show Unassigned
Show All
Search

Login




Register
Lost your login?

Help
Roundup docs

Author pcalhoun
Recipients
Date 2008-10-09.21:27:59
Content
>> Discuss:
>> I believe this document needs to acknowledge a lying endpoint 
>> problem,
> especially with respect to firmware update.  Specifically:
>>
>> The firmware update aspects of the CAPWAP protocol specification 
>> place
> a great deal of faith in the WTP.  Specifically, the AC is trusting 
> the WTP to assert the current firmware update, and to indicate whether 
> the update has been installed.  (This is consistent with efforts in 
> NEA where we specifically excluded the lying endpoint problem, but I 
> recall that it was somewhat controversial.)
>>
>> However, there is nothing in the CAPWAP protocol specification to
> indicate this level of trust in the WTP.  I believe that a discussion 
> of the trust model, and its limitations, should appear in this 
> document.  I would suggest introducing this concept in section 9, and 
> expanding it in the security considerations.
>
> OK - we can add such language to cover the concern you raise:
>
> <proposed text>
> 9.  Device Management Operations
>
>    This section defines CAPWAP operations responsible for debugging,
>    gathering statistics, logging, and firmware management.  The
>    management operations defined in this section are used by the AC to
>    either push/pull information to/from the WTP, or request that the 
> WTP
>    reboot.  This section does not deal with the management of the AC 
> per
>    se, and assumes that the AC is operational and configured.
>
> 12.9.  WTP Firmware
>
>    The CAPWAP protocol defines a mechanism by which the AC downloads 
> new
>    firmware to the WTP.  During the session establishment process, the
>    WTP provides information about its current firmware to the AC.  The
>    AC then decides whether the WTP's firmware needs to be updated.  It
>    is important to note that the CAPWAP specification makes the 
> explicit
>    assumption that the WTP is providing the correct firmware version 
> to
>    the AC, and is therefore not lying.  Further, during the firmware
>    download process, the CAPWAP protocol does not provide any 
> mechanisms
>    to recognize whether the WTP is actually storing the firmware for
>    future use.
> </proposed text>
History
Date User Action Args
2008-10-09 21:27:59pcalhounlinkissue220 messages
2008-10-09 21:27:59pcalhouncreate