RE: [EFM] OAM developing Geoff's observation.
All-
I would really like to get my name off of the title of this thread.
It has NOTHING to do with:
What I believe is the proper scope of the group
What I believe is a good idea
How about "the thread formerly known as..."
Geoff
At 07:12 PM 9/17/01 -0700, Harry Hvostov wrote:
>Faye,
>
>I was referring to the shared link data security requirements for P2MP, i.e.
>between the ONUs and the OLT.
>
>Harry
>
>-----Original Message-----
>From: Roy Bynum [mailto:rabynum@xxxxxxxxxxxxxx]
>Sent: Monday, September 17, 2001 5:42 PM
>To: Faye Ly; Harry Hvostov; mattsquire@xxxxxxx;
>"HHvostov\"@luminous.com;"@squid.squirehome.org;
>"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
>stds-802-3-efm@ieee.org
>Subject: RE: [EFM] OAM developing Geoff's observation.
>
>
>Faye,
>
>The real question, since the encryption is at the aggregation "box" then
>how much of that would apply to EFM which is between the aggregation "box"
>and the CPE or does this issue even apply at all?
>
>Thank you,
>Roy Bynum
>
>
>At 05:28 PM 9/17/01 -0700, Faye Ly wrote:
> >Harry,
> >
> >Can you please clarify the network segment where encryption covers?
> >Judging from the PPPoE discussion we had, the encryption starts
> >at the subscriber termination point and it may very well be at the
> >aggregation box. Not at the CPE.
> >
> >So the big question is "Is data segration alone satisfy the needs for
> >security for user data travelling from home/office to the subscriber
> >termination point?"
> >
> >-faye
> >
> > -----Original Message-----
> > From: Harry Hvostov
> > Sent: Mon 9/17/2001 3:59 PM
> > To: 'mattsquire@xxxxxxx';
> >"HHvostov\"@luminous.com;"@squid.squirehome.org;
> >"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
> >stds-802-3-efm@ieee.org
> > Cc:
> > Subject: RE: [EFM] OAM developing Geoff's observation.
> >
> >
> >
> >
> > Cable industry is deploying X.509 digital certificate and key
> >management
> > protocol now. I believe the requirement to
> > be quite realistic and a direct consequence of MSO's experience
> >with more
> > relaxed authentication mechanisms.
> >
> > I believe that the precedent for public access network
> >authentication has
> > been set and its feasibility will be proven in the nearest
> >future, with real
> > deployments.
> >
> > Harry
> >
> > -----Original Message-----
> > From: Matt Squire [mailto:mattsquire@xxxxxxx]
> > Sent: Monday, September 17, 2001 12:51 PM
> > To: "HHvostov\"@luminous.com;"@squid.squirehome.org;
> > "malcolm.herring\"@btinternet.com"@squid.squirehome.org;
> > stds-802-3-efm@ieee.org
> > Subject: RE: [EFM] OAM developing Geoff's observation.
> >
> >
> >
> >
> > This seems like a new and unrealistic requirement. Simple
> >password
> > authentication has served users well for a long time. Although
> >I
> > understand the benefits of managed certificates, I've also had a
> >taste
> > of their complexity and the interoperability problems that lay
> >in wait.
> > Managed certificates for authentication cannot be a requirement
> >for EFM
> > services.
> >
> > - Matt
> >
> > >
> > > Malcolm,
> > >
> > > User authentication will likely require the use of digital
> > > certificates and
> > > key management. As such, this can be transported inside
> >conventional
> > > Ethernet frames. There is no requirement for additional
> > > concurrent protocol
> > > such as PPP to accomplish this.
> > >
> > > Harry
> > >
> >