Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [EFM] OAM developing Geoff's observation.

To: Harry Hvostov <HHvostov@xxxxxxxxxxxx>
Subject: Re: [EFM] OAM developing Geoff's observation.
From: Matt Squire <mattsquire@xxxxxxx>
Date: Mon, 17 Sep 2001 23:52:47 -0400
CC: HHvostov@luminous.com, malcolm.herring@btinternet.com, stds-802-3-efm@ieee.org
References: <C804C9B0865A38469A661E72CAF7C3A559BBC9@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-To: mattsquire@xxxxxxx
Sender: owner-stds-802-3-efm@majordomo.ieee.org

I guess I have a couple of quick comments on this.  I recognize that the
cable industry is starting to use X.509, but that doesn't make it a
requirement for this or any other group.  Many other protocols and
access technologies have found that that simpler authentication
technologies to be more than sufficient.  

And as you say, the feasibility of this approach has yet to be proven. 
To adopt a technology that has yet to be proven in similar deployment
scenarios seems very unwise.  

And besides, I still think such discussions, however interesting and
applicable to the broad picture of EFM deployment, are outside this
group's responsibilities.  

- Matt

Harry Hvostov wrote:
> 
> Cable industry is deploying X.509 digital certificate and key management
> protocol now. I believe the requirement to
> be quite realistic and a direct consequence of MSO's experience with more
> relaxed authentication mechanisms.
> 
> I believe that the precedent for public access network authentication has
> been set and its feasibility will be proven in the nearest future, with real
> deployments.
> 
> Harry
> 
> -----Original Message-----
> From: Matt Squire [mailto:mattsquire@xxxxxxx]
> Sent: Monday, September 17, 2001 12:51 PM
> To: "HHvostov\"@luminous.com;"@squid.squirehome.org;
> "malcolm.herring\"@btinternet.com"@squid.squirehome.org;
> stds-802-3-efm@ieee.org
> Subject: RE: [EFM] OAM developing Geoff's observation.
> 
> This seems like a new and unrealistic requirement.  Simple password
> authentication has served users well for a long time.  Although I
> understand the benefits of managed certificates, I've also had a taste
> of their complexity and the interoperability problems that lay in wait.
> Managed certificates for authentication cannot be a requirement for EFM
> services.
> 
> - Matt
> 
> >
> > Malcolm,
> >
> > User authentication will likely require the use of digital
> > certificates and
> > key management. As such, this can be transported inside conventional
> > Ethernet frames. There is no requirement for additional
> > concurrent protocol
> > such as PPP to accomplish this.
> >
> > Harry
> >

Follow-Ups:
- RE: [EFM] OAM security and authentication
  - From: Bob Barrett

References:
- RE: [EFM] OAM developing Geoff's observation.
  - From: Harry Hvostov

Prev by Date: RE: [EFM] OAM developing Geoff's observation.
Next by Date: RE: [EFM] OAM developing Geoff's observation.
Prev by thread: RE: [EFM] OAM developing Geoff's observation.
Next by thread: RE: [EFM] OAM security and authentication
Index(es):
- Date
- Thread