[172569] in North American Network Operators' Group
Re: MACsec SFP
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Jun 24 09:51:03 2014
X-Original-To: nanog@nanog.org
In-Reply-To: <53A92FEC.9070206@aimvalley.nl>
Date: Tue, 24 Jun 2014 09:50:55 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Pieter Hulshoff <phulshof@aimvalley.nl>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Tue, Jun 24, 2014 at 3:59 AM, Pieter Hulshoff <phulshof@aimvalley.nl> wrote:
> features they should have. I'll then try to build a business case to get the
> product developed. MACsec is currently on the top of my own list, but I'll
> gladly pass other ideas to my colleagues.
what would be your key management strategy for the macsec version?
given press / etc over the last 18 or so months it seems like folk
with long-haul ether framing might be very interested in macsec for
those links and NOT doing it by sticking some switch platform between
the 2 routed endpoints.
management of key material (and rolling and...) is probably
interesting for them as well.
-chris
