Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [802SEC] +++ SEC EMAIL BLLOT +++ MOTION: Authorize the Link Security Exec SG to become an 802.1 SG




Dear Ken,

I am glad to hear that the 802.10 members may finally get their personal
funding issues resolved to participate in this effort soon. The current
economical environment makes funding a challenge for a lot of individuals
and companies. And we are making everything possible to make participation
accessible to everyone.

As you know, I have personally updated you as chairman of 802.10WG since
this effort started early September 2002 until the formation of the SG.
After that I have posted all the information to the reflector. No concerns
have been voiced in there and currently there are members from at least
802.1, 802.3, 802.11, 802.15 and even 802.10.

To give you an update of the first official SG meeting, we had up to 70
participants in the meeting. It is true we have very strong participation
from 802.1 but also from 802.3, and some participation from 802.11. This
includes security experts, bridging experts and MAC experts. Thanks to this
participation we have been able to agree on a placement of the project but
also on a work plan and make progress towards consensus, and more
importantly a critical mass with the right expertise to take the job.
(Obviously, we will get more participants as the process move forward.) So
from my point of view, all 802.1 members, as well as all other participants,
deserve my full respect for taking their time and resources to attend the
meetings and work on this project.

At the same time, your opinion is also respected. I personally was not aware
of it. I would like to ask you to elaborate more on your proposal, although
it would have been useful to bring it to the group first. Do you plan to
post this to the SG reflector?

Can you please elaborate on the advantages of being part of 802.10 and
outline the disadvantages of being part of 802.1? If you review the minutes
of the SG, I personally asked 802.1 officers to elaborate on the technical
constraints due to being part of 802.1. The answer was none. 802.1 is the
group "owning" the architecture issues of 802 and it is not restricted to
the traditional layer location they have been working so far. 802.1 is
focused on the global view of 802 networks instead of specific MACs. This in
fact was the reason for not doing it in 802.3. Therefore, this combined with
the attraction of security experts to the group meets the initial motivation
of this effort. If you think it doesn't, can you please elaborate on this?
what do you mean with the following statement: "This SG will wind up in a
MAC-oriented working group rather than in a non-biased security-oriented
working group".

I would like to remind that we are not approving an standard with this
decision. We are just letting it start. The EPON people is trying to get
this process running since EFM started early 2001. There is a real market
need with real deadlines, specially in Asia, waiting for this solution.

Ken, can you please explain how you want to proceed? do you want time in the
SG agenda to present your proposal? or in the opening or closing SEC
meeting? You are saying there is no guarantees yet that any of you can
attend the meeting. With the due respect, I am not sure what you are
requesting. Should we take this to the SG reflector over email?

Respectfully,

Dolors

----- Original Message -----
From: "Paul Nikolich" <paul.nikolich@att.net>
To: "Ken Alonge" <kenneth.alonge@verizon.net>; "Geoff Thompson"
<gthompso@nortelnetworks.com>; "Paul Nikolich" <p.nikolich@ieee.org>;
"IEEE802" <stds-802-sec@ieee.org>
Cc: "Russ Housley" <housley@vigilsec.com>; "Dolors Sala (E-mail)"
<dolors@ieee.org>
Sent: Wednesday, February 19, 2003 9:01 PM
Subject: Re: [802SEC] +++ SEC EMAIL BLLOT +++ MOTION: Authorize the Link
Security Exec SG to become an 802.1 SG


> Dear SEC,
>
> Attached is a message from Ken Alonge, the Chairman of the hibernating
> 802.10 Security WG, on the ECSG Motion.
>
> (Bob O'Hara, please add Ken to the SEC reflector list.)
>
> Regards,
>
> --Paul Nikolich
>
>
> ----- Original Message -----
> From: "Ken Alonge" <kenneth.alonge@verizon.net>
> To: "Geoff Thompson" <gthompso@nortelnetworks.com>; "Paul Nikolich"
> <p.nikolich@ieee.org>
> Cc: "Russ Housley" <housley@vigilsec.com>; "Dolors Sala (E-mail)"
> <dolors@ieee.org>
> Sent: Wednesday, February 19, 2003 4:46 PM
> Subject: Re: [802SEC] +++ SEC EMAIL BLLOT +++ MOTION: Authorize the Link
> Security Exec SG to become an 802.1 SG
>
>
> > Paul and Geoff-
> >
> > I couldn't agree with Geoff's position more.  I think it is a grave
> mistake
> > to vote (at this point) to put the study group into 802.1.
> >
> > It seems to me (and was voiced to you by Russ Housley) that the deck was
> > stacked by the fact that the LinkSec study group meeting was held in
> > conjunction with an 802.1 interim meeting. Some of the other working
> groups
> > that have an interest in the SG had conflicting meetings during or near
> the
> > time of the SG meeting and therefore could not attend. It's obvious that
> the
> > recommendation coming out of that meeting would be to move the SG into
.1
> > since most of the attendees were from .1, and it seems that members of
.1
> > are the ones driving this e-mail ballot.
> >
> > The other problem that I have with this is that it appears that this SG,
> > which is focused on critical 802 security issues, will wind up in a
> > MAC-oriented working group rather than in a non-biased security-oriented
> > working group, such as .10.  We clearly see, and the industry is still
> > feeling, the result of the .11 security fiasco.  Can 802 afford another
> > oops?
> >
> > Russ is pursuing funding from Government sponsors for both himself and
me
> so
> > that we can unhibernate .10, if need be, in order to deal with the 802
> > security issues.  My guess is that we will be successful in getting the
> > required funding if 802 decides that .10 is where these issues should be
> > handled.  It is also a possibility that the other two key .10 members
> (Dick
> > McAllister and Joe Maley) could get funding to participate, if .10 comes
> out
> > of hibernation.
> >
> > There is a possibility that I might be able to attend the March plenary
to
> > discuss this further in person, but that depends on contractual issues
> that
> > are currently in the works and which probably won't get resolved until
> late
> > this week or early next week.
> >
> > Ken Alonge
> >
> > ----- Original Message -----
> > From: "Geoff Thompson" <gthompso@nortelnetworks.com>
> > To: "Paul Nikolich" <p.nikolich@ieee.org>
> > Cc: "IEEE802" <stds-802-sec@ieee.org>; "Dolors Sala (E-mail)"
> > <dolors@ieee.org>
> > Sent: Tuesday, February 18, 2003 11:36 AM
> > Subject: Re: [802SEC] +++ SEC EMAIL BLLOT +++ MOTION: Authorize the Link
> > Security Exec SG to become an 802.1 SG
> >
> >
> > >
> > > Colleagues-
> > >
> > > I vote DISAPPROVE
> > > Further, were this vote to come up on the agenda for Monday morning, I
> > > would move to defer the decision until Friday.
> > >
> > > By conducting this as an e-mail ballot we are taking a vote of the
SEC.
> By
> > > conducting this vote at the closing plenary as I consider proper, we
> would
> > > (hopefully) have the input of the body of the Working Groups.
> > >
> > > It is my opinion that this sort of 802 structural decision will have
far
> > > reaching consequences for each/all of the Working Groups and should
not
> be
> > > taken lightly.
> > >
> > > Respectfully,
> > >
> > > Geoff
> > >
> > >
> > > At 02:04 PM 2/12/2003 -0500, Paul Nikolich wrote:
> > >
> > > >Dear SEC,
> > > >
> > > >This is a 10 day SEC email ballot to make a determination on the
below
> > SEC
> > > >motion to authorize the Link Security Executive Study Group to become
> an
> > > >802.1 Study Group. Moved by Tony Jeffree, seconded by Bob Grow.
> > > >
> > > >The email ballot opens on Wednesday February 11 2PM EST and closes
> Friday
> > > >February 21 2PM EST.
> > > >
> > > >Please direct your responses to the SEC reflector.
> > > >
> > > >Regards,
> > > >
> > > >--Paul Nikolich
> > > >Chairman, IEEE 802 LMSC
> > > >
> > > >MOTION: "The SEC resolves that the Link Security Study Group will
> become
> > a
> > > >study  group of the 802.1 HiLi working group, effective from the
start
> of
> > > >the  March 802 Plenary meeting."
> > > >
> > > >MOVER: Tony Jeffree
> > > >SECOND: Bob Grow
> > >
> > >
> >
>
>