Here are my notes from the P2MP
call today concerning Security.
There is agreement within P2MP
that security (encryption, authentication) needs to be defined for EFM market
acceptance and interoperability. This is most acute in EPON which is a
We are still looking for the right
standards body in which to attack this solution, but it is starting to be
narrowed down. The choices still
under discussion are: 802.10 reactivation, an 802.3
security transport mechanism, or a supplier
Paul N. offered guidance for the
802.10 reactivation approach, which was very helpful. What is of most interest here is that a
new PAR for 802.10, can be a *focused* effort on P2MP fiber
security. That means we do not
have to be bounded by the existing 802.10 architecture. The steps would be to identify the
technical activity to be worked on, bringing in security experts as well as
802.3 knowledge, with a core team of (say) ~20
people, and submit a PAR request.
A focused PAR would need to go through the 802 process, but could move
quickly if the scope is narrowed to a specific requirement.
The concerns voiced about 802.10
were the time period required to go through an 802 process (it would likely be
a March PAR approval), and also uncertainty about the ability to be flexible
to handle below MAC layer encryption if that was decided that was the best
To continue to explore this path,
I will invite a former 802.10 Chair on one of the upcoming P2MP calls.
An opinion to leave some bits in
the LLID field undefined so as not to limit future options was expressed.
Regardless of the document host,
we need continued discussion on the security threats, existing standards, and
the most appropriate security mechanism.
I’d like to solicit a volunteer to
lead the security effort for EPON to make sure it happens quickly. It is possible that this will become
an independent effort, although strongly tied to EFM P2MP.
Did I capture this right? My personal opinion is that the
802.10 reactivation, if, and only if, it can be a PAR focused on P2MP Fiber
and not bounded by current 802.10 definitions – is now a more attractive
option. And if that is true, then
the challenge becomes moving faster than the 802 process, and this can be done
by working now in the P2MP group and external alliance meetings to reach
consensus and setup the work.
I’d appreciate feedback from others who were on the call.