Thread Links | Date Links | ||||
---|---|---|---|---|---|
Thread Prev | Thread Next | Thread Index | Date Prev | Date Next | Date Index |
Here are my notes from the P2MP call today concerning Security. (1) There is agreement
within P2MP that security (encryption, authentication) needs to be defined for EFM
market acceptance and interoperability. This is most acute in EPON which is a
shared network. (2) We are still
looking for the right standards body in which to attack this solution, but it
is starting to be narrowed down.
The choices still under discussion are: 802.10
reactivation, an 802.3 security transport mechanism, or a supplier alliance/agreement. (3) Paul N.
offered guidance for the 802.10 reactivation approach, which was very helpful. What is of most interest here is that a
new PAR for 802.10, can be a *focused*
effort on P2MP fiber security. That
means we do not have to be bounded by the existing 802.10 architecture. The steps would be to identify the
technical activity to be worked on, bringing in security experts as well as 802.3 knowledge, with a core team of (say) ~20 people, and submit
a PAR request. A focused PAR would need
to go through the 802 process, but could move quickly if the scope is narrowed
to a specific requirement. (4) The concerns
voiced about 802.10 were the time period required to go through an 802 process
(it would likely be a March PAR approval), and also uncertainty about the
ability to be flexible to handle below MAC layer encryption if that was decided
that was the best approach. (5) To continue
to explore this path, I will invite a former 802.10 Chair on one of the
upcoming P2MP calls. (6) An opinion
to leave some bits in the LLID field undefined so as not to limit future options
was expressed. (7) Regardless
of the document host, we need continued discussion on the security threats,
existing standards, and the most appropriate security mechanism. (8) I’d
like to solicit a volunteer to lead the security effort for EPON to make sure
it happens quickly. It is possible
that this will become an independent effort, although strongly tied to EFM
P2MP. Did I capture this right? My personal opinion is that the
802.10 reactivation, if, and only if, it can be a PAR focused on P2MP Fiber and
not bounded by current 802.10 definitions – is now a more attractive
option. And if that is true, then
the challenge becomes moving faster than the 802 process, and this can be done
by working now in the P2MP group and external alliance meetings to reach consensus
and setup the work. I’d
appreciate feedback from others who were on the call. Gerry Pesavento |