RE: Resend: Re: [LinkSec] Proposed Scope for LinkSec PAR
Mick:
>If the secured frame format does not use an Ethertype instead of a SAP then
>some company or companies will have to band together to produce an SFF which
>does use an Ethertype (the only sensible way to cope with overlength
>frames). This SFF will then be usable for frames that satisfy the proper
>size limits, so will simply be the only one deployed.
I am not objecting to use of an EtherType. In fact, when I worked on an
Ethernet encryption device at Xerox, we used an EtherType. However, this
approach was not acceptable to IEEE 802 at the time that SDE was
developed. I am glad to see that EtherType is no longer in disfavor.
>By choosing a new Ethertype we will be able to remove any traces of
>historical baggage, and will not have to allow as optional items that need
>to be mandatory. Options are an invitation to lack of testing and lack of
>interoperability, and should be avoided if at all possible.
In general I agree. Options lead to complexity. Complexity leads to
implementation errors. Implementation errors in a security protocol lead
to insecurity.
Russ