Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] Notes from meeting 12/10/02

To: "'Marcus Leech'" <mleech@nortelnetworks.com>, Russ Housley <housley@vigilsec.com>
Subject: RE: [LinkSec] Notes from meeting 12/10/02
From: "Walker, Jesse" <jesse.walker@intel.com>
Date: Thu, 12 Dec 2002 08:06:21 -0800
Cc: allyn romanow <allyn@cisco.com>, stds-802-linksec@ieee.org
Sender: owner-stds-802-linksec@majordomo.ieee.org


Marcus:

> > I do not know if protection of the MAC control traffic is 
> important.  I
> > hope it can be put out of scope.  Otherwise a specific 
> solution will be
> > needed for each MAC.  However, it is clear that management 
> protocols that
> > sit on top of the MAC are within scope.  Bridge-to-bridge 
> traffic is one
> > example.  Further, I do not know if replay protection is 
> important, but I
> > suspect that it is.  Even if we were to make study today of 
> each of the
> > protocols and we were to find that replay could not cause a 
> problem, this
> > may not be meaningful.  Future changes could introduce a problem.
> > 
> Shooting entirely from the hip here, it seems to me that 
> including MAC-layer
>   control traffic our security "perimeter" [cone of silence 
> :-) ] wouldn't
>   necessarily require a large amount of per-MAC engineering.

I don't understand this, so could you ellaborate, please? I'm thinking of
802.11, so perhaps I'm using the wrong model. Protecting the 802.11 control
messages would very greatly expand the security perimeter as best I can
tell. Thanks.

-- Jesse

Follow-Ups:
- Re: [LinkSec] Notes from meeting 12/10/02
  - From: "Marcus Leech" <mleech@nortelnetworks.com>

Prev by Date: RE: [LinkSec] Notes from meeting 12/10/02
Next by Date: RE: [LinkSec] Requirements
Prev by thread: Re: [LinkSec] Notes from meeting 12/10/02
Next by thread: Re: [LinkSec] Notes from meeting 12/10/02
Index(es):
- Date
- Thread