Ken,
The study group has requested to join 802.1. So,
the real question or discussion is why not. This has been a well evaluated
decision after two years process. I have not heart a clear reason on why it
will not work. So please focus on this.
I think experience has thought us that an isolated
security effort is not the best scenario to have. ACTIVE participation is what
matters to target and focus towards the right direction. And it is crucial also
to maintain this participation along the process to keep the group in touch on
the initial objectives. We need to guarantee an environment that facilitates
this participation. Not only for now but also for the future maintenance and
follow up projects related to this effort. So a WG with ACTIVE participation
with a charter that covers all MACs is an appropriate place to get the work
done. Other reasons that justifies the decision to put it to 802.1 have already
been described.
Do you have any more information on how many
of 802.10 security experts are committed to participate in this effort?
Your previous SEC email correspondence indicated that there is no guarantees yet
from any of them.
We have the experts ready to work in this working
group and the current environment set up. So please let's facilitate the process
to them to get the work done.
Thanks,
Dolors
----- Original Message -----
Sent: Thursday, March 13, 2003 3:42
PM
Subject: RE: [LinkSec] LinkSec Security
Issues & 802.10
Tony-
My comments are in blue and follow your
points.
Working on/correcting deficiencies in the 802.10 standards does not
necessarily mean that the 802.10 working group has to be resurrected to do the
work. There are several existing examples in 802 where 802.X has raised PARs
to contribute to/modify standards owned by 802.Y - the MAC Bridge standards
are prime examples where this has happened in the past.
I suspect that the owning working group that allowed
another working group to raise a PAR against its Standard, was a result of
either the owning working group having too much on its plate, or greater
expertise existed in the non-owning working group in the particular
subject area. Neither is the case here. .10 has nothing on its
plate except the .10 Standards and has significant security expertise to do
the work.
My primary concern is to ensure that the work doesn't
get fragmented across different working groups. This can work, but life will
be much simpler if the work is done in one place. Russ Housely has indicated
to me that the enhancements he considers necessary to the 802.10 standards are
relatively minor; given that, I would propose that it would be a much more
efficient solution for all concerned to make any changes to 802.10 under a PAR
raised in 802.1, rather than resurrecting 802.10 and thereby fragmenting the!
effort in 802.
I do not expect fragmentation of either effort -- to
the contrary, I expect both efforts to be enhanced, since .10 members will
attend SG meetings in addition to simultaneously working on our revisions to
SDE. We will have the benefit of hearing any new issues/requirements
raised in the SG, and the SG will have the benefit of knowing the exact state
of the SDE revisions and any new issues that may arise from those
revisions. By doing these efforts in parallel (but with close
coordination), a solution will be available more quickly than waiting
for the SG effort to complete (which is unbounded timewise) before
the implementation effort begins.
Sincerely,
Ken
Do you Yahoo!?
Yahoo!
Web Hosting - establish your business online