Yes, an example of what I was talking about. The credentials to access the database in this case are the master's.
Brian On Apr 18, 2012, at 11:10 AM, Don Joslyn wrote: > See response below... > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Rosen, Brian > Sent: Wednesday, April 18, 2012 10:42 AM > To: Peter McCann > Cc: [email protected] > Subject: Re: [paws] Database Discovery Question > > Doesn't the slave get it's database access through the master? > If that's true, the problem you are worried about doesn't exist. > > [Don - In the US, if the slave device is a personal/portable Mode I device, > the master device provides a channel list to the slave device, but the master > device must validate the slave device (FCCID) first via the Whitespace > database.] > > Brian > > On Apr 18, 2012, at 10:37 AM, Peter McCann wrote: > >> I agree with Brian that LoST could be a good model for discovering the >> appropriate database for the region you're in. A nation may decide to >> subdivide their territory into provinces or states, each of which >> maintains its own database. >> >> I think it would be a mistake to assume that there is a single, >> pre-defined relationship for one device with just one database. >> In particular, I think there is a thorny issue that will arise with >> management of secure credentials on whitespace devices, illustrated by >> the first use case in Section 4.2.1 of >> draft-ietf-paws-problem-stmt-usecases-rqmts-03. Step 9 of that use >> case says: >> >> 9. Once the master/AP has met all regulatory domain requirements >> (e.g. validating the Device ID with the trusted database, etc) >> the master provides the list of channels locally available to >> the slave/user device. >> >> My question is, what if the master device has a relationship with one >> database, but the slave device has a relationship with another? >> How is the master's database supposed to validate the credentials of >> the slave device, if we don't have some sort of common trust anchor? >> Or will this "validation" be simply an insecure check of an ID against >> a whitelist/blacklist? Who will allocate Device IDs? >> Will they be specific to a particular database operator, or do we need >> some common top-level allocation format? >> >> -Pete >> > > _______________________________________________ > paws mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/paws _______________________________________________ paws mailing list [email protected] https://www.ietf.org/mailman/listinfo/paws
