[LinkSec] IETF PANA
Hi Folks,
I sat down with the IETF PANA lead, Alper Yegin as well as Yoshihiro Ohba
and John Vollbrecht to discuss PANA. There is some possibility that we can
learn from each other and possibly find some places where our models/layers
could exchange infomation. At the very least, we should be able to share
some problem definitions (probably best done by watching each other's email
lists -- see below for details).
A very fast and simplistic synopsis of the meeting is:
What are the differences between 802.1X and PANA?
PANA runs over IP and 802.1X runs over ethernet.
PANA will work for the operators who have a link layer that is not ethernet.
This means that PANA passes its keying material on to IPSEC (while 802.1X
passes its on to 802.11i and perhaps 802.3 in the future).
This means that PANA blocks at layer 3 -- blocking all but PANA packets
(while 802.1X blocks at layer 2 all but eapol packets).
For those who are textually challenged and prefer pictures:
EAP
+----------------+---------------------+
| |
802.1X PANA
| |
ethernet IP
The IEEE LinkSec info has been posted to the PANA site.
Please see the IETF PANA group information below:
To get on the IETF PANA email list:
To Subscribe: pana-request@research.telcordia.com
In Body: (un)subscribe
Archive:
ftp://ftp.research.telcordia.com/pub/Group.archive/pana/archive
Let me know if you have any problems.
The IETF PANA home page is at:
http://www.ietf.org/html.charters/pana-charter.html
If you have trouble accessing it pleast let me know.
Sincerely,
Jim B.