Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

RE: [EFM] OAM developing Geoff's observation.


I was referring to the shared link data security requirements for P2MP, i.e.
between the ONUs and the OLT.


-----Original Message-----
From: Roy Bynum [mailto:rabynum@xxxxxxxxxxxxxx]
Sent: Monday, September 17, 2001 5:42 PM
To: Faye Ly; Harry Hvostov; mattsquire@xxxxxxx;
Subject: RE: [EFM] OAM developing Geoff's observation.


The real question, since the encryption is at the aggregation "box" then 
how much of that would apply to EFM which is between the aggregation "box" 
and the CPE or does this issue even apply at all?

Thank you,
Roy Bynum

At 05:28 PM 9/17/01 -0700, Faye Ly wrote:
>Can you please clarify the network segment where encryption covers?
>Judging from the PPPoE discussion we had, the encryption starts
>at the subscriber termination point and it may very well be at the
>aggregation box.  Not at the CPE.
>So the big question is "Is data segration alone satisfy the needs for
>security for user data travelling from home/office to the subscriber
>termination point?"
>         -----Original Message-----
>         From: Harry Hvostov
>         Sent: Mon 9/17/2001 3:59 PM
>         To: 'mattsquire@xxxxxxx';
>         Cc:
>         Subject: RE: [EFM] OAM developing Geoff's observation.
>         Cable industry is deploying X.509 digital certificate and key
>         protocol now. I believe the requirement to
>         be quite realistic and a direct consequence of MSO's experience
>with more
>         relaxed authentication mechanisms.
>         I believe that the precedent for public access network
>authentication has
>         been set and its feasibility will be proven in the nearest
>future, with real
>         deployments.
>         Harry
>         -----Original Message-----
>         From: Matt Squire [mailto:mattsquire@xxxxxxx]
>         Sent: Monday, September 17, 2001 12:51 PM
>         To: "HHvostov\";";
>         "malcolm.herring\"";
>         Subject: RE: [EFM] OAM developing Geoff's observation.
>         This seems like a new and unrealistic requirement.  Simple
>         authentication has served users well for a long time.  Although
>         understand the benefits of managed certificates, I've also had a
>         of their complexity and the interoperability problems that lay
>in wait.
>         Managed certificates for authentication cannot be a requirement
>for EFM
>         services.
>         - Matt
>         >
>         > Malcolm,
>         >
>         > User authentication will likely require the use of digital
>         > certificates and
>         > key management. As such, this can be transported inside
>         > Ethernet frames. There is no requirement for additional
>         > concurrent protocol
>         > such as PPP to accomplish this.
>         >
>         > Harry
>         >