{"draft":"draft-ietf-capwap-threat-analysis-04","doc_id":"RFC5418","title":"Control And Provisioning of Wireless Access Points (CAPWAP) Threat Analysis for IEEE 802.11 Deployments","authors":["S. Kelly","T. Clancy"],"format":["ASCII","HTML"],"page_count":"34","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Control And Provisioning of Wireless Access Points","abstract":"Early Wireless Local Area Network (WLAN) deployments feature a \"fat\"\r\nAccess Point (AP), which serves as a \\%stand-alone interface between\r\nthe wired and wireless network segments.  However, this model raises\r\nscaling, mobility, and manageability issues, and the Control and\r\nProvisioning of Wireless Access Points (CAPWAP) protocol is meant to\r\naddress these issues.  CAPWAP effectively splits the fat AP\r\nfunctionality into two network elements, and the communication\r\nchannel between these components may traverse potentially hostile\r\nhops.  This document analyzes the security exposure resulting from\r\nthe introduction of CAPWAP and summarizes the associated security\r\nconsiderations for IEEE 802.11-based CAPWAP implementations and\r\ndeployments.  This memo provides information for the Internet community.","pub_date":"March 2009","keywords":["WLAN","security"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5418","errata_url":null}