Hi, Paul Please see inline.
================== Yang Cui, Ph.D. Huawei Technologies [email protected] > -----邮件原件----- > 发件人: Paul Lambert [mailto:[email protected]] > 发送时间: 2012年10月25日 5:10 > 收件人: Cuiyang; [email protected] > 主题: RE: [paws] FW: New Version Notification for > draft-wu-paws-secutity-01.txt > > > I do not understand the purpose of this submission. > > The requirements for security are already agreed upon and documented in: > draft-ietf-paws-problem-stmt-usecases-rqmts-08 > > This new document varies from the prior requirements and does not explain > why they are being rearticulated in a different manner leaving out > significant requirements from the agreed document. > [Cui Yang] Security requirements are following the general requirements in the WG doc, draft-ietf-paws-problem-stmt-usecases-rqmts-08, from a implementation point of view. And emphasize on some typical scenario, such as MitM attack, discussed a lot on the list. If we missed some important points, please let us know. > The recommendations in the document are very unclear. It suggests > the use of certificates, pre-shared keys TLS and IPsec. This > is a viable laundry list of solutions, but is unclear in > intend of what is the proposed PAWs mechanism. > [Cui Yang] Sorry for that! Our draft is aimed to discuss the security issues in implementation, and provide an informational note for varieties of security solutions. IMO, TLS (both cert and PSK) can work well, but the problems are key provisioning and cert revocation, authorization model. It seems to me that the above needs to be investigated and provided, for different use cases of PAWS. > Perhaps a short summary statement or bulleted list to describe > the actual proposal would help my confused state. > [Cui Yang] We will provide in the update. Thanks for your comment! > Thanks, > > Paul > > > > > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf > Of > > Cuiyang > > Sent: Tuesday, October 23, 2012 7:01 PM > > To: [email protected] > > Subject: [paws] FW: New Version Notification for draft-wu-paws- > > secutity-01.txt > > > > PAWS WG, > > > > The following is our update to draft-wu-paws-secutity-00, which is > > focused on the security requirements and possible solutions. > > And we plan to include more details of client auth using certificate > > and PSK, respectively. > > > > Comments are welcome, thanks in advance. > > > > Regards, > > Yang > > ================== > > Yang Cui, Ph.D. > > Huawei Technologies > > [email protected] > > > > > > -----邮件原件----- > > 发件人: [email protected] [mailto:[email protected]] > > 发送时间: 2012年10月22日 20:08 > > 收件人: Wuyizhuang > > 抄送: Cuiyang > > 主题: New Version Notification for draft-wu-paws-secutity-01.txt > > > > > > A new version of I-D, draft-wu-paws-secutity-01.txt > > has been successfully submitted by Yizhuang Wu and posted to the > > IETF repository. > > > > Filename: draft-wu-paws-secutity > > Revision: 01 > > Title: Protocol to Access White Space Database:Security > > Considerations > > Creation date: 2012-10-22 > > WG ID: Individual Submission > > Number of pages: 13 > > URL: http://www.ietf.org/internet-drafts/draft-wu-paws- > > secutity-01.txt > > Status: http://datatracker.ietf.org/doc/draft-wu-paws-secutity > > Htmlized: http://tools.ietf.org/html/draft-wu-paws-secutity-01 > > Diff: http://www.ietf.org/rfcdiff?url2=draft-wu-paws- > > secutity-01 > > > > Abstract: > > This document analyses common security threats of the Protocol to > > Access White Space database (PAWS), and describes their potential > > impacts on message exchanges between master device and white space > > database when implementing PAWS. Meanwhile, the corresponding > > countermeasures are also introduced in this document. The PAWS is > > used for retrieving the available white space information at a given > > location and time from a white space database. > > > > > > > > > > The IETF Secretariat > > > > _______________________________________________ > > paws mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/paws _______________________________________________ paws mailing list [email protected] https://www.ietf.org/mailman/listinfo/paws
