DRAFT Minutes of an 802.1 Security Task Group teleconference held
Wednesday 20th May 2020 1.30 pm Eastern Time

Attendees:
Rich Dubrawski (Viasat Inc)
Don Fedyk (LabN Consulting)
Randy Kelsey (Engineering Solutions, Inc.)
Scott Mansfield (Ericsson)
Glenn Parsons (Ericsson)
Karen Randall (Randall Consulting)
Jessy Rouyer (Nokia)
Mick Seaman (Independent, 802.1 Security Task Group Chair, minutes of this meeting)
Marius Stanica (ABB)
Max Turner (Ethernovia)
William Zhao (Siemens)

[Note that minuted contributions from any attendee can not/should not be assumed to represent a position of their employer or affiliated organization as shown. Participation in 802.1 is on individual basis as for all IEEE 802 meetings: https://mentor.ieee.org/802-ec/dcn/17/ec-17-0093-05-0PNP-ieee-802-participation-slide-ppt.ppt.]

--

0. The chair called the meeting to order at 1.30 Eastern Time and showed
the SA PatCom Patent Slides for Standards Development Meetings
https://development.standards.ieee.org/myproject/Public/mytools/mob/slideset.pdf,
the IEEE 802 Participation slide
https://mentor.ieee.org/802-ec/dcn/17/ec-17-0093-05-0PNP-ieee-802-participation-slide-ppt.ppt,
the IEEE-SA Copyright Policy slides
https://standards.ieee.org/content/dam/ieee-standards/standards/web/documents/other/copyright-policy-WG-meetings.potx.

There were no responses to the call for patents at this time.

1. Agenda
- P802.1AEdk MAC Security: MAC Privacy protection
  Draft development
- A.O.B.
- Future meetings/teleconferences

2. P802.1AEdk MAC Security: MAC Privacy protection
Mick Seaman presented an update on suggested text for Clause 17, following on from the discussion in the March teleconferences:
http://www.ieee802.org/1/files/public/docs2020/dk-seaman-dk17-suggested-text-0503-v01.pdf
This had not been updated to reflect the 5/18/2020 discussion of selective privacy protection.

Discussion of the recommendation (should, page 24 line 35) to use the PAE Group Address used by MACsec to address the peer PrY.
This permits use of an individual address for the peer to accommodate PrY/SecY separation. An individual address should be used in this case to avoid accidental flooding of unintelligible frames. Use of an individual address is not recommended in the general case, because that could dictate the network topology and the topology should not depend on the enabled/disabled state of privacy. Need to be sensitive to the need to deploy in stages, and to be able to check as deployment proceeds - which is why PrY operation is not tied to MACsec confidentiality.

Don Fedyk (P802.1AEdk Editor) reviewed:
YANG based Config for MAC Privacy 802.1AEdk Questions
http://www.ieee802.org/1/files/public/docs2020/dk-fedyk-dot1aedk-document-open-questions-0520-v00.pdf

Discussion of "minimal configuration". Expect experience to add to transmitter strategy over time, while receiver behavior is simpler and remains tolerant of a range of strategies. Needs basic management to be useful from a customer (equipment procurement) perspective, offering enough basic capability.

Organization of the management data is management protocol dependent - the natural organization for SNMP (with weak table capabilities) can differ from that for YANG (with weak default capabilities). Balance between a complete self-contained YANG solution and the way that YANG is predominantly used with additional supporting tools. Need to ensure that having complete YANG is not the project length determining item.

Additional discussion of priority mapping tables, with some possibility of combination for simplification - more in line with a YANG augmentation approach than the separate approach of SNMP (?).

Next steps will be assembling current material into a rough draft to facilitate comment, although that draft will be made available as soon as possible so will not incorporate the results of this week's teleconferences.
[Draft now available at http://www.ieee802.org/1/files/private/dk-drafts/d0/802-1AEdk-d0-1.pdf ]

3. A.O.B.
There was no other business.

4. Future meetings/teleconferences
Will be scheduled as necessary, subject to the usual notice, when there is further input material to review.

5. Meeting adjourned: the teleconference concluded 3.28 pm Eastern Time.