
Re: [LinkSec] teleconf notes 4/15/03




I have no objection to tunneling other than the time it would
take to define it and the hardware it would take to implement it.
There also exist any number of L2-over-L3 tunneling solutions
which are known to work.  I don't think that L2-over-L2 tunneling
is an essential part of LinkSec's workload, other than the obvious
case that a customer must be able to have a customer-bridge-to-
customer-bridge security association carried transparently through
a network of Provider Bridges.

-- Norm

Mats Näslund wrote:
> 
> > I have no opinion, yet, on whether the first documents produced by
> > the group should or should not be required to accommodate intermediate
> > untrusted bridges.  Remember that another possibility is to treat the
> > untrusted bridge and all the links to it as being down, and relying
> > on other paths, which presumably will be present, to carry the data.
> 
> Yes, though there might be cases where there is a bridge that we
> for some reason MUST pass through. The threat that we have seen
> is e.g. a WLAN access point in a public place: it could be that
> it's the only way to get connectivity. If it stops forwarding
> packets for us, it's likely detectable, but if it eavesdrops or
> modifies, we may not notice until it's too late...