Re: [paws] FW: New Version Notification for draft-wu-paws-secutity-01.txt

Cuiyang <cuiyang@huawei.com> Thu, 25 October 2012 03:26 UTC

From: Cuiyang <cuiyang@huawei.com>
To: Paul Lambert <paul@marvell.com>, "paws@ietf.org" <paws@ietf.org>
Date: Thu, 25 Oct 2012 03:25:05 +0000

Hi, Paul

Please see inline.

==================
 Yang Cui,  Ph.D.
 Huawei Technologies
 cuiyang@huawei.com


> -----Original Message-----
> From: Paul Lambert [mailto:paul@marvell.com]
> Sent: October 25, 2012 5:10
> To: Cuiyang; paws@ietf.org
> Subject: RE: [paws] FW: New Version Notification for draft-wu-paws-secutity-01.txt
> 
> 
> I do not understand the purpose of this submission.
> 
> The requirements for security are already agreed upon and documented in:
> 	draft-ietf-paws-problem-stmt-usecases-rqmts-08
> 
> This new document varies from the prior requirements and does not explain
> why they are being rearticulated in a different manner leaving out
> significant requirements from the agreed document.
> 
[Cui Yang] Security requirements are following the general requirements in the WG doc, draft-ietf-paws-problem-stmt-usecases-rqmts-08, from an implementation point of view.
And emphasize some typical scenarios, such as MitM attacks, discussed a lot on the list.
If we missed some important points, please let us know.

> The recommendations in the document are very unclear. It suggests
> the use of certificates, pre-shared keys TLS and IPsec.  This
> is a viable laundry list of solutions, but is unclear in
> intent of what is the proposed PAWS mechanism.
> 
[Cui Yang] Sorry for that!
Our draft aims to discuss the security issues in implementation, and provide an informational note on a variety of security solutions.
IMO, TLS (both cert and PSK) can work well, but the problems are key provisioning, cert revocation, and the authorization model.
It seems to me that the above needs to be investigated and provided, for different use cases of PAWS.

> Perhaps a short summary statement or bulleted list to describe
> the actual proposal would help my confused state.
> 
[Cui Yang] We will provide it in the update.
Thanks for your comment!

> Thanks,
> 
> Paul
> 
> 
> 
> 
> > -----Original Message-----
> > From: paws-bounces@ietf.org [mailto:paws-bounces@ietf.org] On Behalf Of Cuiyang
> > Sent: Tuesday, October 23, 2012 7:01 PM
> > To: paws@ietf.org
> > Subject: [paws] FW: New Version Notification for draft-wu-paws-secutity-01.txt
> >
> > PAWS WG,
> >
> > The following is our update to draft-wu-paws-secutity-00, which is
> > focused on the security requirements and possible solutions.
> > And we plan to include more details of client auth using certificate
> > and PSK, respectively.
> >
> > Comments are welcome, thanks in advance.
> >
> > Regards,
> > Yang
> > ==================
> >  Yang Cui,  Ph.D.
> >  Huawei Technologies
> >  cuiyang@huawei.com
> >
> >
> > -----Original Message-----
> > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > Sent: October 22, 2012 20:08
> > To: Wuyizhuang
> > Cc: Cuiyang
> > Subject: New Version Notification for draft-wu-paws-secutity-01.txt
> >
> >
> > A new version of I-D, draft-wu-paws-secutity-01.txt
> > has been successfully submitted by Yizhuang Wu and posted to the
> > IETF repository.
> >
> > Filename:	 draft-wu-paws-secutity
> > Revision:	 01
> > Title:		 Protocol to Access White Space Database:Security
> > Considerations
> > Creation date:	 2012-10-22
> > WG ID:		 Individual Submission
> > Number of pages: 13
> > URL:             http://www.ietf.org/internet-drafts/draft-wu-paws-secutity-01.txt
> > Status:          http://datatracker.ietf.org/doc/draft-wu-paws-secutity
> > Htmlized:        http://tools.ietf.org/html/draft-wu-paws-secutity-01
> > Diff:            http://www.ietf.org/rfcdiff?url2=draft-wu-paws-secutity-01
> >
> > Abstract:
> >    This document analyses common security threats of the Protocol to
> >    Access White Space database (PAWS), and describes their potential
> >    impacts on message exchanges between master device and white space
> >    database when implementing PAWS.  Meanwhile, the corresponding
> >    countermeasures are also introduced in this document.  The PAWS is
> >    used for retrieving the available white space information at a given
> >    location and time from a white space database.
> >
> >
> >
> >
> > The IETF Secretariat
> >