This comment is a compound response to the "Security between the database and the white space radio". I have always believed that there is little reason to need to trust the radio - after all if it was going to do something malicious or illegal why would it even contact the database and request a channel list. In addition the impact of a single rouge radio is fairly limited. However the implications of a spoofed database that provides "all channels available everywhere" in response to channel queries could be catastrophic. I am finding it hard to evaluate this requirement, and the previous requirements in isolation. I think it would be better to consider the various threat levels and then decide how to provide reasonable protection against them in a comprehensive way.
On TueJan/17/12 Tue Jan 17, 6:14 PM, "[email protected]" <[email protected]> wrote: > >Gabor, > >On 1/12/12 8:26 PM, "ext [email protected]" <[email protected]> >wrote: > >>P.13: A master device MUST be capable of checking the validity of >> the WS Database certificate and whether it has been revoked >> or not. >> >>Note, P.13 requires support for OCSP (RFC2560) in the client, I am not >>sure if that is needed, please send your opinions. >> > > >If certificate based authentication is used by the protocol, then there >would be a need to mandate the above requirement. But at this time we have >no visibility about the authentication protocol to be used between the >master device and the WS database. So it is premature to specify the above >requirement. Hence I would favor dropping this requirement. > >-Raj > >_______________________________________________ >paws mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/paws _______________________________________________ paws mailing list [email protected] https://www.ietf.org/mailman/listinfo/paws
