FW: [LinkSec] Requirements
Well it doesn't work with end systems that don't implement it.
That sounds trite, but isn't. What I mean to say (and this is the bridge
point again) that if part of the newtork is believed physically secured and
frames are transmiteed in the clear, then 802.10 does not support
encrypt/decrypt/protect etc. by the intervening bridges to carry the traffic
over part of the network deemed exposed. Setting up a tunnel for the frames
is really nnot a solution here.
This is why I've set mmyself the task, which i won't make much more progress
on for another few weeks, of writing down a 1X or 1X like architecture which
has link by link protection between access points (where one of the methods
of protection is simply knowing the network can not be attacked at
reasonable cost on that link).
Mick
> -----Original Message-----
> From: owner-stds-802-linksec@majordomo.ieee.org
> [mailto:owner-stds-802-linksec@majordomo.ieee.org]On Behalf Of Walker,
> Jesse
> Sent: Thursday, December 12, 2002 9:17 AM
> To: 'stds-802-linksec@ieee.org'
> Subject: RE: [LinkSec] Requirements
>
>
>
> I guess I should be much blunter with my question. Can folks enumerate
> perceived problems with 802.10? What prevents its adoption?
> For EPON, for
> instance, what feature does 802.10 lack, or what negative
> features in its
> architecture, that make it undesirable as a solution in that space?
>
> So far the only response is from Mick Seaman: it is not perceived that
> 802.10 works with bridges, because 802.10 is end-to-end and
> bridges have to
> muck with packet internals that this disallows.
>
> Is there anything else? It is absolutely critical that the SG
> understands
> what is thought to be wrong with what is an already existing
> standard in
> exactly in its space.
>
> -- Jesse
>