Why a new document? Why not just include this as security considerations? Hmmm… in which document? The current documents define a base protocol and 802.11 binding Threat analysis, security requirements span these two There will be extensions, probably new bindings, and these may bring new security requirements of their own CAPWAP threat analysis is complex There are numerous deployment models Each has unique threat scenarios Some considerations specific to base protocol deployment, some specific to 802.11 binding, some relate to both Clearest approach: discuss this all in one place |