Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

RE: [EFM] OAM developing Geoff's observation.



Harry,
 
Yes, thank you for the clarification.  Note that the underlying
mechanims for
EPON transport (PHY) is TDM.  A very natural medium for data
segragation.
My question is "Is there a strong need for data encryption provided that
data segragation is done at the PHY layer?"
 
Note that I am not pushing for NONE encryption, I am merely trying to
figure
out the requirements.  If encryption is still needed, it will be very
helpful for
us to find out why and in what business model?  Thanks.
 
-faye

	-----Original Message----- 
	From: Harry Hvostov 
	Sent: Mon 9/17/2001 7:12 PM 
	To: 'Roy Bynum'; Faye Ly; Harry Hvostov; mattsquire@xxxxxxx;
"HHvostov\"@luminous.com;"@squid.squirehome.org;
"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
stds-802-3-efm@ieee.org 
	Cc: 
	Subject: RE: [EFM] OAM developing Geoff's observation.
	
	

	Faye,
	
	I was referring to the shared link data security requirements
for P2MP, i.e.
	between the ONUs and the OLT.
	
	Harry
	
	-----Original Message-----
	From: Roy Bynum [mailto:rabynum@xxxxxxxxxxxxxx]
	Sent: Monday, September 17, 2001 5:42 PM
	To: Faye Ly; Harry Hvostov; mattsquire@xxxxxxx;
	"HHvostov\"@luminous.com;"@squid.squirehome.org;
	"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
	stds-802-3-efm@ieee.org
	Subject: RE: [EFM] OAM developing Geoff's observation.
	
	
	Faye,
	
	The real question, since the encryption is at the aggregation
"box" then
	how much of that would apply to EFM which is between the
aggregation "box"
	and the CPE or does this issue even apply at all?
	
	Thank you,
	Roy Bynum
	
	
	At 05:28 PM 9/17/01 -0700, Faye Ly wrote:
	>Harry,
	>
	>Can you please clarify the network segment where encryption
covers?
	>Judging from the PPPoE discussion we had, the encryption starts
	>at the subscriber termination point and it may very well be at
the
	>aggregation box.  Not at the CPE.
	>
	>So the big question is "Is data segration alone satisfy the
needs for
	>security for user data travelling from home/office to the
subscriber
	>termination point?"
	>
	>-faye
	>
	>         -----Original Message-----
	>         From: Harry Hvostov
	>         Sent: Mon 9/17/2001 3:59 PM
	>         To: 'mattsquire@xxxxxxx';
	>"HHvostov\"@luminous.com;"@squid.squirehome.org;
	>"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
	>stds-802-3-efm@ieee.org
	>         Cc:
	>         Subject: RE: [EFM] OAM developing Geoff's observation.
	>
	>
	>
	>
	>         Cable industry is deploying X.509 digital certificate
and key
	>management
	>         protocol now. I believe the requirement to
	>         be quite realistic and a direct consequence of MSO's
experience
	>with more
	>         relaxed authentication mechanisms.
	>
	>         I believe that the precedent for public access network
	>authentication has
	>         been set and its feasibility will be proven in the
nearest
	>future, with real
	>         deployments.
	>
	>         Harry
	>
	>         -----Original Message-----
	>         From: Matt Squire [mailto:mattsquire@xxxxxxx]
	>         Sent: Monday, September 17, 2001 12:51 PM
	>         To: "HHvostov\"@luminous.com;"@squid.squirehome.org;
	>
"malcolm.herring\"@btinternet.com"@squid.squirehome.org;
	>         stds-802-3-efm@ieee.org
	>         Subject: RE: [EFM] OAM developing Geoff's observation.
	>
	>
	>
	>
	>         This seems like a new and unrealistic requirement.
Simple
	>password
	>         authentication has served users well for a long time.
Although
	>I
	>         understand the benefits of managed certificates, I've
also had a
	>taste
	>         of their complexity and the interoperability problems
that lay
	>in wait.
	>         Managed certificates for authentication cannot be a
requirement
	>for EFM
	>         services.
	>
	>         - Matt
	>
	>         >
	>         > Malcolm,
	>         >
	>         > User authentication will likely require the use of
digital
	>         > certificates and
	>         > key management. As such, this can be transported
inside
	>conventional
	>         > Ethernet frames. There is no requirement for
additional
	>         > concurrent protocol
	>         > such as PPP to accomplish this.
	>         >
	>         > Harry
	>         >
	>
	

winmail.dat