
Re: [LinkSec] Notes from meeting 12/10/02




Russ Housley wrote:
> 
> Allyn:
> 
> I would like to clarify one point for the final minutes.
> 
> >Russ - protection of MAC control track is part of our work, don't know
> >if replay is important.  At the rate things are being added onto MACs,
> >if replay isn't important today it will be
> 
> I do not know if protection of the MAC control traffic is important.  I
> hope it can be put out of scope.  Otherwise a specific solution will be
> needed for each MAC.  However, it is clear that management protocols that
> sit on top of the MAC are within scope.  Bridge-to-bridge traffic is one
> example.  Further, I do not know if replay protection is important, but I
> suspect that it is.  Even if we were to make a study today of each of the
> protocols and we were to find that replay could not cause a problem, this
> may not be meaningful.  Future changes could introduce a problem.
> 
Shooting entirely from the hip here, it seems to me that including MAC-layer
control traffic in our security "perimeter" [cone of silence :-) ] wouldn't
necessarily require a large amount of per-MAC engineering.

I suspect that a higher-layer key management scheme can be shared across everything,
as in 802.10.  I *suspect* that the process of extruding SDE into the individual
MAC layers will result in only minor tweakages about where the bits live,
with largely-similar or identical semantics, and a common set of mandatory
algorithms.

It seems to me that being able to hijack MAC-layer control traffic can have
as devastating consequences as being able to hijack user and bridging-control
traffic, so if we don't protect it, we've only done half a job.

-- 
----------------------------------------------------------------------
Marcus Leech                             Mail:   Dept 8M70, MS 012, FITZ
Advisor                                  Phone: (ESN) 393-9145  +1 613 763 9145
Security Architecture and Planning       Fax:   (ESN) 393-9435  +1 613 763 9435
Nortel Networks                          mleech@nortelnetworks.com
-----------------Expressed opinions are my own, not my employer's------
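Added example, not part of the thread or of any IEEE 802 draft: a minimal sequence-number anti-replay window for protected link-layer frames, showing why a frame that passes its integrity check still needs separate replay detection (the point Russ raises above). The frame layout, key, tag size and window size are constructed assumptions.

```python
"""Sequence-number anti-replay window for integrity-protected frames.
Frame format (assumed for this example): 4-byte packet number | payload | 8-byte tag."""
import hmac
import hashlib
import struct

KEY = b"constructed-demo-key"   # per-association key, constructed for the example
WINDOW = 8                      # accept PNs no more than WINDOW behind the highest seen
TAG_LEN = 8

def protect(pn: int, payload: bytes) -> bytes:
    """Sender: prefix a 32-bit packet number and append a truncated HMAC tag."""
    body = struct.pack(">I", pn) + payload
    tag = hmac.new(KEY, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag

class Receiver:
    """Receive state for one security association."""
    def __init__(self):
        self.highest = -1
        self.seen = set()       # PNs already accepted inside the window

    def accept(self, frame: bytes) -> tuple[bool, str]:
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(KEY, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag"
        pn = struct.unpack(">I", body[:4])[0]
        if pn in self.seen:
            return False, "replay"      # integrity is fine, but this PN was already used
        if self.highest >= 0 and pn <= self.highest - WINDOW:
            return False, "too old"     # fell behind the window; cannot be distinguished from replay
        self.seen.add(pn)
        if pn > self.highest:
            self.highest = pn
            # forget PNs that can no longer be accepted anyway
            self.seen = {p for p in self.seen if p > self.highest - WINDOW}
        return True, "ok"

def demo() -> list[str]:
    """Constructed frame sequence: fresh, fresh, replayed, jump ahead, stale, forged."""
    rx = Receiver()
    f1 = protect(1, b"link-up")
    f2 = protect(2, b"link-down")
    results = [rx.accept(f1)[1], rx.accept(f2)[1]]
    results.append(rx.accept(f1)[1])                   # replayed control frame
    results.append(rx.accept(protect(20, b"x"))[1])    # legitimate jump ahead
    results.append(rx.accept(f2)[1])                   # now outside the window
    results.append(rx.accept(f2[:-TAG_LEN] + b"\x00" * TAG_LEN)[1])  # tag tampered
    return results
```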