
Re: [EFM] P2MP Call Notes / Security



Gerry,
     I would like to make some comments on the points below. How about making an 802.3 security transport specification for the EPON? Doesn't that seem like a better choice for 802.3 EFM? Also, I am not sure how much work it would take to revive 802.1 with a new PAR.
 
   Would doing anything outside the umbrella of 802 be an advisable thing just for EPON? I think work would move after with an external group, and since this is dedicated to EPON, it could come up with the architecture faster.
 
  Finally, I would like to volunteer myself for this work. What are the next few steps to take?
 
 
Please let me know.
 
Regards
SG
 

*********** REPLY SEPARATOR ***********

On 8/13/2002 at 8:43 AM Gerry Pesavento wrote:

Here are my notes from the P2MP call today concerning Security. 

 

(1)     There is agreement within P2MP that security (encryption, authentication) needs to be defined for EFM market acceptance and interoperability.  This is most acute in EPON which is a shared network.  

(2)     We are still looking for the right standards body in which to attack this solution, but it is starting to be narrowed down.  The choices still under discussion are: 802.10 reactivation, an 802.3 security transport mechanism, or a supplier alliance/agreement.

(3)     Paul N. offered guidance for the 802.10 reactivation approach, which was very helpful.  What is of most interest here is that a new PAR for 802.10 can be a *focused* effort on P2MP fiber security.  That means we do not have to be bounded by the existing 802.10 architecture.  The steps would be to identify the technical activity to be worked on, bringing in security experts as well as 802.3 knowledge, with a core team of (say) ~20 people, and submit a PAR request.  A focused PAR would need to go through the 802 process, but could move quickly if the scope is narrowed to a specific requirement.

(4)     The concerns voiced about 802.10 were the time period required to go through an 802 process (it would likely be a March PAR approval), and also uncertainty about the ability to be flexible to handle below MAC layer encryption if it was decided that that was the best approach.  

(5)     To continue to explore this path, I will invite a former 802.10 Chair on one of the upcoming P2MP calls.

(6)     An opinion to leave some bits in the LLID field undefined so as not to limit future options was expressed.

(7)     Regardless of the document host, we need continued discussion on the security threats, existing standards, and the most appropriate security mechanism.  

(8)     I’d like to solicit a volunteer to lead the security effort for EPON to make sure it happens quickly.  It is possible that this will become an independent effort, although strongly tied to EFM P2MP.   

 

Did I capture this right?   My personal opinion is that the 802.10 reactivation, if, and only if, it can be a PAR focused on P2MP Fiber and not bounded by current 802.10 definitions – is now a more attractive option.  And if that is true, then the challenge becomes moving faster than the 802 process, and this can be done by working now in the P2MP group and external alliance meetings to reach consensus and set up the work.   I’d appreciate feedback from others who were on the call.

 

 

 

Gerry Pesavento