[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CAPWAP BOF follow up: nmrg - CAPWAP
In message <E19grvf-0009RZ-Vw@ran.psg.com>, Randy Bush writes:
>> The bottom line was that the WG did not care about security, and
>> therefore treated the required security measures (e.g. Diameter
>> CMS) necessary to make proxies safe largely as measures designed
>> to satisfy the IESG, rather than a real cost. Once forced to
>> either take the security requirements imposed by proxies
>> seriously or abandon proxies, the WG chose to abandon proxies.
>> However, that was 3+ years and many hundreds of man years later
>> -- and the protocol had gained huge amounts of (largely
>> unnecessary) complexity in the process.
>
>so, our culture now accepts security procedural stone walls, but
>not architectural ones only one step removed? in the anti-proxy
>arguments, we did make it quite clear that security would be the
>killer.
That's why I'm pushing for an early security architecture review in
many cases. But I think that that will annoy the usual suspects even
more.
--Steve Bellovin, http://www.research.att.com/~smb