Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

RE: [EFM] OAM developing Geoff's observation.




All-

I would really like to get my name off of the title of this thread.
It has NOTHING to do with:
         What I believe is the proper scope of the group
         What I believe is a good idea

How about "the thread formerly known as..."

Geoff

At 07:12 PM 9/17/01 -0700, Harry Hvostov wrote:

>Faye,
>
>I was referring to the shared link data security requirements for P2MP, i.e.
>between the ONUs and the OLT.
>
>Harry
>
>-----Original Message-----
>From: Roy Bynum [mailto:rabynum@xxxxxxxxxxxxxx]
>Sent: Monday, September 17, 2001 5:42 PM
>To: Faye Ly; Harry Hvostov; mattsquire@xxxxxxx;
>"HHvostov\"@luminous.com;"@squid.squirehome.org;
>"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
>stds-802-3-efm@ieee.org
>Subject: RE: [EFM] OAM developing Geoff's observation.
>
>
>Faye,
>
>The real question, since the encryption is at the aggregation "box" then
>how much of that would apply to EFM which is between the aggregation "box"
>and the CPE or does this issue even apply at all?
>
>Thank you,
>Roy Bynum
>
>
>At 05:28 PM 9/17/01 -0700, Faye Ly wrote:
> >Harry,
> >
> >Can you please clarify the network segment where encryption covers?
> >Judging from the PPPoE discussion we had, the encryption starts
> >at the subscriber termination point and it may very well be at the
> >aggregation box.  Not at the CPE.
> >
> >So the big question is "Is data segration alone satisfy the needs for
> >security for user data travelling from home/office to the subscriber
> >termination point?"
> >
> >-faye
> >
> >         -----Original Message-----
> >         From: Harry Hvostov
> >         Sent: Mon 9/17/2001 3:59 PM
> >         To: 'mattsquire@xxxxxxx';
> >"HHvostov\"@luminous.com;"@squid.squirehome.org;
> >"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
> >stds-802-3-efm@ieee.org
> >         Cc:
> >         Subject: RE: [EFM] OAM developing Geoff's observation.
> >
> >
> >
> >
> >         Cable industry is deploying X.509 digital certificate and key
> >management
> >         protocol now. I believe the requirement to
> >         be quite realistic and a direct consequence of MSO's experience
> >with more
> >         relaxed authentication mechanisms.
> >
> >         I believe that the precedent for public access network
> >authentication has
> >         been set and its feasibility will be proven in the nearest
> >future, with real
> >         deployments.
> >
> >         Harry
> >
> >         -----Original Message-----
> >         From: Matt Squire [mailto:mattsquire@xxxxxxx]
> >         Sent: Monday, September 17, 2001 12:51 PM
> >         To: "HHvostov\"@luminous.com;"@squid.squirehome.org;
> >         "malcolm.herring\"@btinternet.com"@squid.squirehome.org;
> >         stds-802-3-efm@ieee.org
> >         Subject: RE: [EFM] OAM developing Geoff's observation.
> >
> >
> >
> >
> >         This seems like a new and unrealistic requirement.  Simple
> >password
> >         authentication has served users well for a long time.  Although
> >I
> >         understand the benefits of managed certificates, I've also had a
> >taste
> >         of their complexity and the interoperability problems that lay
> >in wait.
> >         Managed certificates for authentication cannot be a requirement
> >for EFM
> >         services.
> >
> >         - Matt
> >
> >         >
> >         > Malcolm,
> >         >
> >         > User authentication will likely require the use of digital
> >         > certificates and
> >         > key management. As such, this can be transported inside
> >conventional
> >         > Ethernet frames. There is no requirement for additional
> >         > concurrent protocol
> >         > such as PPP to accomplish this.
> >         >
> >         > Harry
> >         >
> >