Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [LinkSec] Proposal on link layer security

To: "Sai Dattathrani" <saidatta@in.ibm.com>, "stds-802-1@ieee.org" <stds-802-1@ieee.org>, "stds-802-linksec@ieee.org" <stds-802-linksec@ieee.org>
Subject: Re: [LinkSec] Proposal on link layer security
From: Robert Moskowitz <rgm@trusecure.com>
Date: Fri, 27 Jun 2003 12:49:12 -0400
In-Reply-To: <OF6E161F02.4C4AE4D5-ON65256D52.0015C661@in.ibm.com>
Sender: owner-stds-802-linksec@majordomo.ieee.org

At 09:39 AM 6/27/2003 +0530, Sai Dattathrani wrote:
>Hi,
>  I have a proposal to avoid ARP spoofing by providing additional security
>checks at the MAC sub-layer. I would like to initiate a discussion on the
>proposal and take it forward. I am attaching the proposal. Kindly initiate
>the discussion on the same.

If the device is on a shared media, one thing we want to provide is 
pair-wise SAs to all other devices on the media.  This will automagically 
protect ARPs and any other MAC frames.

A specific solution to ARP is a mis-application of our resources.

A linksec solution that does not provide protection for ARPs has to be 
questioned as to its completeness.

Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of TruSecure Corp.
	(248) 968-9809
Fax:	(248) 968-2824
rgm@icaslabs.com

There's no limit to what can be accomplished
if it doesn't matter who gets the credit

Follow-Ups:
- [802.1] Re: [LinkSec] Proposal on link layer security
  - From: Robert Moskowitz <rgm@trusecure.com>
- Re: [802.1] Re: [LinkSec] Proposal on link layer security
  - From: Norman Finn <nfinn@cisco.com>

References:
- [LinkSec] Proposal on link layer security
  - From: "Sai Dattathrani" <saidatta@in.ibm.com>

Prev by Date: Re: [802.1] Re: [LinkSec] Proposal on link layer security
Next by Date: [LinkSec] White paper on authentication
Prev by thread: [LinkSec] Proposal on link layer security
Next by thread: Re: [802.1] Re: [LinkSec] Proposal on link layer security
Index(es):
- Date
- Thread