[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Seamoby] LWAPP

>>> No, it's does alot more than just configure APs. The information 
>>> provided in the protocol can provide many additional features, 
>>> include fast handoffs, creating a secure interface between the AP 
>>> and the AR, etc.
>> 
>> I don't see any fast handoffs information carried in the draft.
>> 
> A foobar on my part. There is a message between the AP and the AR that 
> is used to communicate a trigger. Used with the signal strength in the 
> message (which is already in the draft), it can be used by the AR to 
> determine a mobile's current point of attachment.
> 
> I put out the document rather hastily, but will follow up with another 
> version that includes this (and the formatting problems).

If you are talking about carrying L2 event notifications around, please see:

&amp;lt;a  href=&amp;quot;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&amp;quot&quot";>http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&amp;quot&quot</a>;&gt;<a  rel="nofollow" href="http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&amp;quot";>http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&amp;quot</a>&lt;/a&gt;;&amp;gt;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&quot";>http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt&quot</a>;&gt;<a  rel="nofollow" href="http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt";>http://ietf.org/internet-drafts/draft-yegin-l2-triggers-00.txt</a>&lt;/a&gt;&amp;lt;/a&amp;gt;

How does what you have in mind compare/relate to the above draft?


&amp;amp;gt; 
&amp;amp;gt;&amp;amp;gt; I'm not sure
&amp;amp;gt;&amp;amp;gt; what exactly you mean by &amp;amp;quot;secure interface&amp;amp;quot;, but based on my reading 
&amp;amp;gt;&amp;amp;gt; of the draft the only security is for protecting this protocol's 
&amp;amp;gt;&amp;amp;gt; packets between the AP and the AR. And this is not an additional 
&amp;amp;gt;&amp;amp;gt; feature but a requirement on the protocol.
&amp;amp;gt; 
&amp;amp;gt; Correct - that is the secure interface I mentioned. It is assumed that 
&amp;amp;gt; the user will protect his/her own traffic... and that the AR will 
&amp;amp;gt; enforce whatever policy it has defined. LWAPP was not intended to 
&amp;amp;gt; replace end-to-end security, but securing that interface *is* a 
&amp;amp;gt; requirement, not an additional feature. A malicious AP can do very 
&amp;amp;gt; nasty things to an AR.
&amp;amp;gt; 
&amp;amp;gt;&amp;amp;gt;&amp;amp;gt; 
&amp;amp;gt;&amp;amp;gt;&amp;amp;gt; Further, the market has made it pretty clear that they no longer 
&amp;amp;gt;&amp;amp;gt;&amp;amp;gt; want smart APs that have to be managed individually. They want a 
&amp;amp;gt;&amp;amp;gt;&amp;amp;gt; central point of control, with remote interfaces. But this is a 
&amp;amp;gt;&amp;amp;gt;&amp;amp;gt; market issue, not a standards one.
&amp;amp;gt;&amp;amp;gt; 
&amp;amp;gt;&amp;amp;gt; This makes sense. But is there any difference between your proposed 
&amp;amp;gt;&amp;amp;gt; protocol and SNMP in this context?
&amp;amp;gt; 
&amp;amp;gt; Sure, let me explain.
&amp;amp;gt; 
&amp;amp;gt; What we've heard from our customers is that they are tired to managing 
&amp;amp;gt; APs scattered throughout their networks (oh, and it's clear the 
&amp;amp;gt; industry is moving in this direction, these are not just my own 
&amp;amp;gt; ramblings). The issue SNMP in the AP is that it does require the 
&amp;amp;gt; administrator to touch the device. People want a secure plug and play 
&amp;amp;gt; solution. If SNMP is on the box, you must configure the community 
&amp;amp;gt; string (and user in the case of v3), and this security relationship is 
&amp;amp;gt; one that must be administered over the course of the device's 
&amp;amp;gt; lifetime. The market is pretty clear in the fact that it wants an AP 
&amp;amp;gt; that can auto-discover ARs and establish a security relationship w/o 
&amp;amp;gt; any administrator involvement. The draft's use of certificates 
&amp;amp;gt; provides this feature, but I agree that a shared secret mechanism 
&amp;amp;gt; should probably  be defined as well.

If I'm understanding this right, the problem is that SNMP does not know how to use certificates for authentication.... I don't know how hard it is to solve this if it is needed as you described....

alper


&amp;amp;gt; 
&amp;amp;gt; PatC
&amp;amp;gt; 
&amp;amp;gt; _______________________________________________
&amp;amp;gt; Seamoby mailing list
&amp;amp;gt; Seamoby@ietf.org &amp;lt;a  href=&amp;quot;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot</a>&lt;/a&gt;;&amp;gt;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby";>https://www1.ietf.org/mailman/listinfo/seamoby</a>&lt;/a&gt;&amp;lt;/a&amp;gt;
&amp;amp;gt; 

_______________________________________________
Seamoby mailing list
Seamoby@ietf.org
&amp;lt;a  href=&amp;quot;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot</a>&lt;/a&gt;;&amp;gt;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby";>https://www1.ietf.org/mailman/listinfo/seamoby</a>&lt;/a&gt;&amp;lt;/a&amp;gt;
_______________________________________________
Seamoby mailing list
Seamoby@ietf.org
&amp;lt;a  href=&amp;quot;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot";>https://www1.ietf.org/mailman/listinfo/seamoby&amp;quot</a>&lt;/a&gt;;&amp;gt;&lt;a  rel=&quot;nofollow&quot; href=&quot;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby&quot";>https://www1.ietf.org/mailman/listinfo/seamoby&quot</a>;&gt;<a  rel="nofollow" href="https://www1.ietf.org/mailman/listinfo/seamoby";>https://www1.ietf.org/mailman/listinfo/seamoby</a>&lt;/a&gt;&amp;lt;/a&amp;gt;



&amp;lt;/pre&amp;gt;

&amp;lt;!--X-Body-of-Message-End--&amp;gt;
&amp;lt;!--X-MsgBody-End--&amp;gt;
&amp;lt;!--X-Follow-Ups--&amp;gt;
&amp;lt;hr&amp;gt;
&amp;lt;ul&amp;gt;&amp;lt;li&amp;gt;&amp;lt;strong&amp;gt;Follow-Ups&amp;lt;/strong&amp;gt;:
&amp;lt;ul&amp;gt;
&amp;lt;li&amp;gt;&amp;lt;strong&amp;gt;&amp;lt;a name=&amp;quot;01938&amp;quot; href=&amp;quot;msg01938.html&amp;quot;&amp;gt;RE: [Seamoby] LWAPP&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;ul&amp;gt;&amp;lt;li&amp;gt;&amp;lt;em&amp;gt;From:&amp;lt;/em&amp;gt; Pat Calhoun &amp;amp;lt;pcalhoun@bstormnetworks.com&amp;amp;gt;&amp;lt;/li&amp;gt;&amp;lt;/ul&amp;gt;&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;&amp;lt;strong&amp;gt;&amp;lt;a name=&amp;quot;01936&amp;quot; href=&amp;quot;msg01936.html&amp;quot;&amp;gt;Re: [Seamoby] LWAPP&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;ul&amp;gt;&amp;lt;li&amp;gt;&amp;lt;em&amp;gt;From:&amp;lt;/em&amp;gt; &amp;amp;quot;Raymond J. Jayabal&amp;amp;quot; &amp;amp;lt;jraymond@icr.a-star.edu.sg&amp;amp;gt;&amp;lt;/li&amp;gt;&amp;lt;/ul&amp;gt;&amp;lt;/li&amp;gt;
&amp;lt;/ul&amp;gt;&amp;lt;/li&amp;gt;&amp;lt;/ul&amp;gt;
&amp;lt;!--X-Follow-Ups-End--&amp;gt;
&amp;lt;!--X-References--&amp;gt;
&amp;lt;!--X-References-End--&amp;gt;
&amp;lt;!--X-BotPNI--&amp;gt;
&amp;lt;ul&amp;gt;
&amp;lt;li&amp;gt;Prev by Date:
&amp;lt;strong&amp;gt;&amp;lt;a href=&amp;quot;msg01933.html&amp;quot;&amp;gt;Re: [Seamoby] LWAPP&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;Next by Date:
&amp;lt;strong&amp;gt;&amp;lt;a href=&amp;quot;msg01935.html&amp;quot;&amp;gt;[Seamoby] CFP IEEE/IFIP Intern. Conference on Management of Multimedia Networks &amp;amp;amp; Services 2003&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;Previous by thread:
&amp;lt;strong&amp;gt;&amp;lt;a href=&amp;quot;msg01932.html&amp;quot;&amp;gt;RE: [Seamoby] LWAPP&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;Next by thread:
&amp;lt;strong&amp;gt;&amp;lt;a href=&amp;quot;msg01936.html&amp;quot;&amp;gt;Re: [Seamoby] LWAPP&amp;lt;/a&amp;gt;&amp;lt;/strong&amp;gt;
&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;Index(es):
&amp;lt;ul&amp;gt;
&amp;lt;li&amp;gt;&amp;lt;a href=&amp;quot;maillist.html#01934&amp;quot;&amp;gt;&amp;lt;strong&amp;gt;Date&amp;lt;/strong&amp;gt;&amp;lt;/a&amp;gt;&amp;lt;/li&amp;gt;
&amp;lt;li&amp;gt;&amp;lt;a href=&amp;quot;thrd2.html#01934&amp;quot;&amp;gt;&amp;lt;strong&amp;gt;Thread&amp;lt;/strong&amp;gt;&amp;lt;/a&amp;gt;&amp;lt;/li&amp;gt;
&amp;lt;/ul&amp;gt;
&amp;lt;/li&amp;gt;
&amp;lt;/ul&amp;gt;

&amp;lt;!--X-BotPNI-End--&amp;gt;
&amp;lt;!--X-User-Footer--&amp;gt;
&amp;lt;!--X-User-Footer-End--&amp;gt;
&amp;lt;/body&amp;gt;
&amp;lt;/html&amp;gt;
&lt;/pre&gt;
&lt;!--X-Body-of-Message-End--&gt;
&lt;!--X-MsgBody-End--&gt;
&lt;!--X-Follow-Ups--&gt;
&lt;hr&gt;
&lt;!--X-Follow-Ups-End--&gt;
&lt;!--X-References--&gt;
&lt;!--X-References-End--&gt;
&lt;!--X-BotPNI--&gt;
&lt;ul&gt;
&lt;li&gt;Prev by Date:
&lt;strong&gt;&lt;a href=&quot;msg01931.html&quot;&gt;[no subject]&lt;/a&gt;&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Next by Date:
&lt;strong&gt;&lt;a href=&quot;msg01933.html&quot;&gt;[no subject]&lt;/a&gt;&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Previous by thread:
&lt;strong&gt;&lt;a href=&quot;msg01931.html&quot;&gt;[no subject]&lt;/a&gt;&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Next by thread:
&lt;strong&gt;&lt;a href=&quot;msg01933.html&quot;&gt;[no subject]&lt;/a&gt;&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Index(es):
&lt;ul&gt;
&lt;li&gt;&lt;a href=&quot;maillist.html#01932&quot;&gt;&lt;strong&gt;Date&lt;/strong&gt;&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;threads.html#01932&quot;&gt;&lt;strong&gt;Thread&lt;/strong&gt;&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;!--X-BotPNI-End--&gt;
&lt;!--X-User-Footer--&gt;
&lt;!--X-User-Footer-End--&gt;
&lt;/body&gt;
&lt;/html&gt;
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg01931.html">[no subject]</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg01933.html">[no subject]</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg01931.html">[no subject]</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg01933.html">[no subject]</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#01932"><strong>Date</strong></a></li>
<li><a href="threads.html#01932"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>