Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[802SEC] Updated P802.1AEcg PAR plus comments received on the proposed P802.1AEcg PAR with 802.1 responses

Folks,

 

The revised proposed PAR for P802.1AEcg is now at:

http://www.ieee802.org/1/files/public/docs2014/cg-draft-aecg-par-0714-v3.pdf

The revised CSD is now at:

http://www.ieee802.org/1/files/public/docs2014/cg-draft-aecg-csd-0714-v3.pdf

Comments, responses, and proposed changes to the pre-circulated P802.1AEcg PAR text follow.


P802.1AEcg PAR comment resolution
---------------------------------------------

2 comments were received from 802.15 and x comments from 802.11.


The 802.15 comments were:

Comment: recommend change to 08/2017 to align with Sponsor Ballot date of 11/2016

Response:
Accept. Dates will be updated, taking into account this comments and other comments received on the dates.

Comment:

As stated in the 5.4 Purpose: "This standard will facilitate secure communication over publicly accessible LAN/MAN media for which security has not already been defined, and allow the use of IEEE Std 802.1X, already widespread and supported by multiple vendors, in additional applications."

It is not explicitly clear from this purpose statement that the resultant standard will address the needs of 64-bit MAC address devices as per IEEE Std. 802.15.4.  Will this standard be MAC address size agnostic?  If it will not, how will this group address the needs stated in 5.5 for these 64-bit MAC address devices?

Response:

As this is an amendment the Purpose shown is the purpose of the final standard and this has not/will not change. IEEE Std 802.1AE currently specifies MACsec frame formats and procedures for 48-bit addresses. The scope of the project 5.2.b does not include new formats for 64-bit addresses. That would be a substantial and different effort with little if any overlap with the proposed project and would need to be the subject of a separate amendment.

The 802.11 comments were:


Comment:
4.1 and 4.2: Check the Start of Sponsor Ballot and the Submission to RevCom dates…They do not seem reasonable.

Response:

Dates will be updated, taking into account this comments and other comments received on the dates.

Comment:
Note that the dates that are listed seem to be close to date that a new revision is needed.  Have you considered just getting this amendment done in conjunction with a Revision PAR?

Response: Yes we have. Bearing in mind the scope of the amendment and the discussions so far we believe that a focused amendment would be a timely and effective way to proceed.

Comment:
5.5 Change “separate bridging systems (Ethernet Data Encryption devices, EDEs) “ to separate bridging systems,  Ethernet Data Encryption devices, (EDEs)

Response:
Change "separate bridging systems (Ethernet Data Encryption devices, EDEs)" to "separate bridging systems known as Ethernet Data Encryption devices (EDEs)"

Comment:
8.1 Add the full name of the 802.1AE, 802.1X, and 802.1Q standards.

Response:
Everywhere that 802.1AE, 802.1X, and 802.1Q appears we will show the name in full. Only IEEE Std 802.1AE appears in 8.1. Changes to be made in 5.5 and 8.1.

Comment:
8.1: Where is “#7.3”?  This comment may be a hold over, or miss labeled.

Response: This appears to be an accidental hold over from previous versions of the form and will be removed. Delete "#7.3" from 8.1.

Comment:
5.6 – consider making the Stakeholders: Developers and users of  secure networking equipment.

Response: Accept. Add the word "secure". Note however that a large fraction (to the extent that we are aware without discussing market share) of recently deployed 802.3 based equipment is MACsec capable so the stakeholders and interested parties include many who might not be traditionally recognized as being associated with secure networking equipment.

Comment:
1.2 Broad Market Potential: “…number of  significant users…” what number? Who are these significant users?

Response:
We do not believe it is appropriate to quote the names of companies without their approval (which might be hard to get since the CSD would then take on aspects of a press release) and deciding on precise criteria for "significant" is too close to discussing market share issues for our comfort. However we would note that the ESS specification mentioned in 1.2 is aimed at supporting security of US businesses as a whole and is the subject of a public comment period. Individual task group members have discussed the identified needs with the originators of that specification who are interested in seeing the work go forward. The specification does publicly identify the use of the technology within national security systems in additional to commercial use. No change is proposed to the 1.2 text, which is repeated below.

"This amendment will support the use of MACsec in a number of scenarios deemed important by a number of
significant users. In particular it will support requirements that have been identified during the development of the
`Ethernet Security Specification' (ESS) by the NSA."


Comment:
1.2.2/1.2.3  missing “Std” on several of the standards cited.
1.2.5 change “802.1AE-2006” to “IEEE Std 802.1AE-2006”
Please check in the CSD for other instances of missing proper citation.

Response: Accept. Will update.

 

 

--

Glenn Parsons - Chair, IEEE 802.1

glenn.parsons@ericsson.com

+1-613-963-8141

 

---------- This email is sent from the 802 Executive Committee email reflector. This list is maintained by Listserv.