From ddbe43a36644e641e446781ccde95faefd9eb449 Mon Sep 17 00:00:00 2001
From: Harald Welte <laforge@osmocom.org>
Date: Wed, 4 Mar 2020 15:30:37 +0100
Subject: [PATCH] doc: Add WARNINGs about lack of security in protocols

Change-Id: I72c0b797fda220b9efcc86bd08717585063db591
---
 doc/manuals/chapters/remsim-server.adoc | 5 +++++
 doc/manuals/chapters/rspro.adoc         | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/doc/manuals/chapters/remsim-server.adoc b/doc/manuals/chapters/remsim-server.adoc
index e5c80c7..5215b54 100644
--- a/doc/manuals/chapters/remsim-server.adoc
+++ b/doc/manuals/chapters/remsim-server.adoc
@@ -26,6 +26,11 @@ and monitoring of the entire osmo-remsim system.
 
 The API currently has version 1, and the URL prefix is /api/backend/v1
 
+WARNING: The RESTful/JSON Web API operates in plain-text,
+There is no authentication or encryption built into the protocol.  It is
+assumed that the protocol is only spoken over trusted, controlled IP
+networks, such as inside a VPN or a closed / private corporate network.
+
 ==== /api/backend/v1/clients
 
 *GET* obtains a JSON list where each element represents one currently
diff --git a/doc/manuals/chapters/rspro.adoc b/doc/manuals/chapters/rspro.adoc
index 1ce511e..ce39b9d 100644
--- a/doc/manuals/chapters/rspro.adoc
+++ b/doc/manuals/chapters/rspro.adoc
@@ -8,6 +8,11 @@ It is specified in ASN.1 syntax (see `asn1/RSPRO.asn` in the
 `osmo-remsim` source code) and uses BER (Basic Encoding Rules) on the
 transport level.
 
+WARNING: RSPRO and its underlying transport layer both operate in plain-text,
+There is no authentication or encryption built into the protocol.  It is
+assumed that the protocol is only spoken over trusted, controlled IP
+networks, such as inside a VPN or a closed / private corporate network.
+
 === Underlying Transport Layer
 
 RSPRO uses TCP as an underlying transport protocol.  As TCP doesn't