Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] IETF PANA

To: "'Jim Burns'" <jeb@mtghouse.com>, stds-802-1@ieee.org, stds-802-linksec@ieee.org
Subject: RE: [LinkSec] IETF PANA
From: "CONGDON,PAUL (HP-Roseville,ex1)" <paul.congdon@hp.com>
Date: Thu, 24 Jul 2003 15:20:26 -0400
Cc: Alper Yegin <alper@docomolabs-usa.com>, Yoshihiro Ohba <yohba@tari.toshiba.com>
Sender: owner-stds-802-linksec@majordomo.ieee.org



While 802.1X is designed to run over 802 media, I would argue it could be
used on other media that supports either the Ethernet or SNAP encapsulation
and can create the same point-to-point type model we expect.

I believe the PANA conversation is terminated at the first router and it is
ok for PANA packets to be flooded everywhere on the local LAN segments
between the node and the router.

Paul

> -----Original Message-----
> From: Jim Burns [mailto:jeb@mtghouse.com] 
> Sent: Thursday, July 17, 2003 4:09 AM
> To: stds-802-1@ieee.org; stds-802-linksec@ieee.org
> Cc: Alper Yegin; Yoshihiro Ohba
> Subject: [LinkSec] IETF PANA
> 
> 
> 
> Hi Folks,
> I sat down with the IETF PANA lead, Alper Yegin as well as 
> Yoshihiro Ohba and John Vollbrecht to discuss PANA.  There is 
> some possibility that we can learn from each other and 
> possibly find some places where our models/layers could 
> exchange infomation.  At the very least, we should be able to 
> share some problem definitions (probably best done by 
> watching each other's email lists -- see below for details).
> 
> A very fast and simplistic synopsis of the meeting is:
> What are the differences between 802.1X and PANA?
> PANA runs over IP and 802.1X runs over ethernet.
> PANA will work for the operators who have a link layer that 
> is not ethernet. This means that PANA passes its keying 
> material on to IPSEC (while 802.1X passes its on to 802.11i 
> and perhaps 802.3 in the future). This means that PANA blocks 
> at layer 3 -- blocking all but PANA packets (while 802.1X 
> blocks at layer 2 all but eapol packets).
> 
> For those who are textually challenged and prefer pictures:
>                   EAP
>   +----------------+---------------------+
>   |                                      |
> 802.1X                                 PANA
>   |                                      |
> ethernet                                IP
> 
> 
> The IEEE LinkSec info has been posted to the PANA site.
> 
> Please see the IETF PANA group information below:
>     To get on the IETF PANA email list:
>       To Subscribe: pana-request@research.telcordia.com
>       In Body: (un)subscribe
>       Archive: 
> ftp://ftp.research.telcordia.com/pub/Group.archive/pana/archiv
e
    Let me know if you have any problems.
    The IETF PANA home page is at:
      http://www.ietf.org/html.charters/pana-charter.html
    If you have trouble accessing it pleast let me know.

Sincerely,
Jim B.

Follow-Ups:
- Re: [LinkSec] IETF PANA
  - From: Yoshihiro Ohba <yohba@tari.toshiba.com>

Prev by Date: [LinkSec] Documents
Next by Date: [LinkSec] Fw: T1M1 to IEEE 802.3ah Liaison
Prev by thread: [LinkSec] Documents
Next by thread: Re: [LinkSec] IETF PANA
Index(es):
- Date
- Thread