Last Call Review of draft-ietf-capwap-802dot11-mib-
I reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments
just like any other last call comments.
This document provides a MIB for CAPWAP.
Section 3 defines terminology, but appears to have a number of
statements about requirements. While not security related, it would be
good to move requirement statements out of the terminology section.
Section 5.1 contains suggestions for binding WLAN profiles to the
access controller (AC). It also contains suggestions for how WLAN IDs
can be assigned. These suggestions appear to be related to operation of
the AC, and not directly affecting the MIB.
Section 7 is a little unclear, but there appears to be no security
Section 8 has some English issues:
Suppose the WTP's base MAC address is '00:01:01:01:01:00'. Creates a
WTP profile for it ...
It's not clear what the second sentence means.
There are a few sentences like " The operator could query ...". This
should perhaps be " The operator can query ..."
The Security Considerations section seems to have adequate text about
The IANA considerations section needs a statement to update the MIB,
which contains a reference to "RFC xxx"