Re: [OPSAWG] Simplified Alternative to CAPWAP

"Cao,Zhen" <zehn.cao@gmail.com> Tue, 25 February 2014 08:27 UTC

Return-Path: <zehn.cao@gmail.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C9EE1A0444 for <opsawg@ietfa.amsl.com>; Tue, 25 Feb 2014 00:27:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4gOIphtkPSdV for <opsawg@ietfa.amsl.com>; Tue, 25 Feb 2014 00:27:27 -0800 (PST)
Received: from mail-qa0-x232.google.com (mail-qa0-x232.google.com [IPv6:2607:f8b0:400d:c00::232]) by ietfa.amsl.com (Postfix) with ESMTP id 78DFF1A032B for <opsawg@ietf.org>; Tue, 25 Feb 2014 00:27:27 -0800 (PST)
Received: by mail-qa0-f50.google.com with SMTP id cm18so52095qab.23 for <opsawg@ietf.org>; Tue, 25 Feb 2014 00:27:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=cd6+uSeYl3sXE7wlLP4FmecBWDq66C425vvqZ/IdGUQ=; b=w7q4t2pssQJKFtiqd7r6utC9wcOF2aqaRelBM/js4mYjR2FdXnq5xU22XercEnSlwG fkz0m47GegFFqjscZM3B9opKHe4WesuWPYnV1Q7QhLxw49sS5AmP/AXUF/PMgy2mytzb UITXu+VrpkdF7X4UiKHPcYaXESSzV2YQWoy92w7ThucnqxgSoZmqCekEInaMYK/dy4b4 mN4amN5uKqo8q1AEFaSuZ4Qt75kb2j5LyY0F8S0srWWy0/8lg0HUTd+dzIX1AzLa7bcr rX8Up0jKwPiA65dm6hjrzC2Dzbz6LUc8FQgRWBxn9WepUlEJPemL9FiIpH27e+v0njaZ Ru0g==
MIME-Version: 1.0
X-Received: by 10.140.91.12 with SMTP id y12mr34043970qgd.26.1393316844965; Tue, 25 Feb 2014 00:27:24 -0800 (PST)
Received: by 10.96.58.106 with HTTP; Tue, 25 Feb 2014 00:27:24 -0800 (PST)
In-Reply-To: <CAO_acpvjJOjqRD8xc3Kf4T19RjA3XossrwwiNKrzFUrU+aa-Fg@mail.gmail.com>
References: <CAO_acptCXNzu09qH1sxig+qbjJXX0KMUmbA35LOo6KoRrG8vPg@mail.gmail.com> <4ED2E36A22261145861BAB2C24088B4320F5D75F@xmb-aln-x09.cisco.com> <CAO_acpvjJOjqRD8xc3Kf4T19RjA3XossrwwiNKrzFUrU+aa-Fg@mail.gmail.com>
Date: Tue, 25 Feb 2014 16:27:24 +0800
Message-ID: <CAProHAQvrVgkDtQN-CRyPj-zHGFomcZB0pd0VmCQGnYUQ7rY=g@mail.gmail.com>
From: "Cao,Zhen" <zehn.cao@gmail.com>
To: =?ISO-8859-1?Q?Bj=F6rn_Smedman?= <bjorn.smedman@anyfinetworks.com>
Content-Type: text/plain; charset=ISO-8859-1
Archived-At: http://mailarchive.ietf.org/arch/msg/opsawg/x7dtFOXMTqGGQlQQFoHrA13Z8Y4
Cc: "opsawg@ietf.org" <opsawg@ietf.org>
Subject: Re: [OPSAWG] Simplified Alternative to CAPWAP
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Feb 2014 08:27:28 -0000

Hello, Bjorn,

Appreciate your analysis.

> True, in CAPWAP it's a border case that 802.1X key exchange and 802.11
> encryption protects the user data plane all the way from the mobile
> STA to the AC. But I think there are strong reasons to make this the
> default:

But I do not agree here. The 802.11 key only protect the data from STA
to WTP, NOT the AC, both in local MAC and also one option in the split
model.  http://tools.ietf.org/html/rfc5416#section-2.2.2

-Zhen