Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

MAC address auth NOT -> was, RE: [LinkSec] Requirements

To: "Russ Housley" <housley@vigilsec.com>
Subject: MAC address auth NOT -> was, RE: [LinkSec] Requirements
From: "Paul Lambert" <PaulLambert@AirgoNetworks.Com>
Date: Sun, 15 Dec 2002 23:07:06 -0800
Cc: <stds-802-linksec@ieee.org>
Sender: owner-stds-802-linksec@majordomo.ieee.org
thread-index: AcKhRim2FnC1ph9hRXacJARXLt+VKADixADQ
Thread-Topic: [LinkSec] Requirements



> Paul:
> 
> At this layer, the MAC address is the identity that should be 
> authenticated.  An authorization decision may require 
> authentication of a 
> higher-layer identity.
> 

No.  For unicast, pair-wise keys provide adiquate identification of the end-point.  For group keys (assuming nothing fancy like signatures per packet), the granularity is just to the multicast group.  MAC address identificaqtion is not useful or required and can be limiting.  It's only handy becaue it's usually unique.

>

Prev by Date: DOCSIS -> wasRE: [LinkSec] Requirements
Next by Date: MAC Layer Verus Link, why protect control messages -> was RE: [LinkSec] Notes from meeting 12/10/02
Prev by thread: DOCSIS -> wasRE: [LinkSec] Requirements
Next by thread: MAC Layer Verus Link, why protect control messages -> was RE: [LinkSec] Notes from meeting 12/10/02
Index(es):
- Date
- Thread