Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] Notes from meeting 12/10/02

To: "Marcus Leech" <mleech@nortelnetworks.com>, "Russ Housley" <housley@vigilsec.com>
Subject: RE: [LinkSec] Notes from meeting 12/10/02
From: "Mani, Mahalingam (Mahalingam)" <mmani@avaya.com>
Date: Thu, 12 Dec 2002 09:25:10 -0700
Cc: "allyn romanow" <allyn@cisco.com>, <stds-802-linksec@ieee.org>
Sender: owner-stds-802-linksec@majordomo.ieee.org
Thread-Index: AcKh9V4XuaZjuajzQGOfES7lbzRBzgAA6Rng
Thread-Topic: [LinkSec] Notes from meeting 12/10/02


Without doubt - need to (at least integrity-)protect control/mgmt.
messages is a definite need - although this took a secondary priority in
802.11i.

However, this need will still be contingent upon the requirements
introduced by the threat model - which would be media-specific at MAC
layer and in some cases topology-specific above MAC layer.

This argument also leads once again to the realizing generalizable
generic requirements (based on threat modela) for 802 media and
topologies and specificities characteristic of each medium/topology.

-mani
> -----Original Message-----
> From: Marcus Leech [mailto:mleech@nortelnetworks.com]
> Sent: Thursday, December 12, 2002 7:44 AM
> To: Russ Housley
> Cc: allyn romanow; stds-802-linksec@ieee.org
> Subject: Re: [LinkSec] Notes from meeting 12/10/02
> 
> 
> Russ Housley wrote:
> >
> > Allyn:
> >
> > I would like to clarify one point for the final minutes.
> >
> > >Russ - protection of MAC control track is part of our work, don't
know
> > >if replay is important.  At the rate things are being added onto
MACs,
> > >if replay isn't important today it will be
> >
> > I do not know if protection of the MAC control traffic is important.
I
> > hope it can be put out of scope.  Otherwise a specific solution will
be
> > needed for each MAC.  However, it is clear that management protocols
> that
> > sit on top of the MAC are within scope.  Bridge-to-bridge traffic is
one
> > example.  Further, I do not know if replay protection is important,
but
> I
> > suspect that it is.  Even if we were to make study today of each of
the
> > protocols and we were to find that replay could not cause a problem,
> this
> > may not be meaningful.  Future changes could introduce a problem.
> >
> Shooting entirely from the hip here, it seems to me that including
MAC-
> layer
>   control traffic our security "perimeter" [cone of silence :-) ]
wouldn't
>   necessarily require a large amount of per-MAC engineering.
> 
> I suspect that a higher-layer key management scheme can be shared
across
> everything,
>   as in 802.10.  I *suspect* that the process of extruding SDE into
the
> individual
>   MAC layers will result in only minor tweakages about where the bits
> live,
>   with largely-similar or identical semantics, and a common set of
> mandatory
>   algorithms.
> 
> It seems to me that being able to hijack MAC-layer control traffic can
> have
>   as devastating consequences as being able to hijack user and
bridging-
> control
>   traffic, so if we don't protect it, we've only done half a job.
> 
> --
> ----------------------------------------------------------------------
> Marcus Leech                             Mail:   Dept 8M70, MS 012,
FITZ
> Advisor                                  Phone: (ESN) 393-9145  +1 613
763
> 9145
> Security Architecture and Planning       Fax:   (ESN) 393-9435  +1 613
763
> 9435
> Nortel Networks                          mleech@nortelnetworks.com
> -----------------Expressed opinions are my own, not my
employer's------

Prev by Date: Re: RE: [LinkSec] Requirements
Next by Date: RE: [LinkSec] Notes from meeting 12/10/02
Prev by thread: Re: [LinkSec] Notes from meeting 12/10/02
Next by thread: [LinkSec] Requirements
Index(es):
- Date
- Thread