%% You should probably cite draft-ietf-capwap-threat-analysis instead of this I-D.
@techreport{kelly-capwap-threat-analysis-00,
    number =    {draft-kelly-capwap-threat-analysis-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-kelly-capwap-threat-analysis/00/},
    author =    {Scott G. Kelly and Charles Clancy},
    title =     {{CAPWAP Threat Analysis for 802.11 Deployments}},
    pagetotal = 28,
    year =      2006,
    month =     oct,
    day =       17,
    abstract =  {Early Wireless LAN (WLAN) deployments feature a "fat" Access Point (AP) which serves as a standalone interface between the wired and wireless network segments. However, this model raises scaling, mobility, and manageability issues, and the CAPWAP protocol {[}CAPWAP{]} is being developed in reponse. CAPWAP effectively splits the fat AP functionality into two network elements, and the communication channel between these components may traverse potentially hostile hops. This document analyzes the security exposure resulting from the introduction of CAPWAP, and summarizes the associated security considerations for CAPWAP implementations and deployments.},
}