ancp-2----Page:8
1 2 3 4 5 6 7 8 9 10
|
Clarification of AAA server in scope/out of scope issues (Section 7 in current draft) Out of scope: user's authentication process and how the user gets authenticated and how the AAA server gets the authorization data In scope: attacks concerning the communication between the NAS and the AAA server, once the AAA server gets the authentication data Attacks Against ANCP Defined Use Cases (Section 7 in the current draft) : re-organization and some revisions Major changes: Dynamic access loop attributes use case: downgrading caused by man-in-the-middle attack Removing network snooping from on-path and off-path passive attacks Access loop configuration use case: on-path passive attacks learning the configuration attributes Changes since last version 3/4 |