@misc{rfc5418,
    series =    {Request for Comments},
    number =    5418,
    howpublished =  {RFC 5418},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC5418},
    url =       {https://www.rfc-editor.org/info/rfc5418},
    author =    {Charles Clancy and Scott G. Kelly},
    title =     {{Control And Provisioning of Wireless Access Points (CAPWAP) Threat Analysis for IEEE 802.11 Deployments}},
    pagetotal = 34,
    year =      2009,
    month =     mar,
    abstract =  {Early Wireless Local Area Network (WLAN) deployments feature a "fat" Access Point (AP), which serves as a \textbackslash{}\%stand-alone interface between the wired and wireless network segments. However, this model raises scaling, mobility, and manageability issues, and the Control and Provisioning of Wireless Access Points (CAPWAP) protocol is meant to address these issues. CAPWAP effectively splits the fat AP functionality into two network elements, and the communication channel between these components may traverse potentially hostile hops. This document analyzes the security exposure resulting from the introduction of CAPWAP and summarizes the associated security considerations for IEEE 802.11-based CAPWAP implementations and deployments. This memo provides information for the Internet community.},
}