Bernard Aboba wrote, around 15/10/07 10:54 AM:
(2) Standard 802.1x was driven by security between physical Ethernet
ports. The extension work on 802.1af needed for credentials to traverse
a DSLAM will not be available in needed time frames.
What extensions are you referring to? In terms of timeframes, are we
talking about changes to hosts, CPE or DSLAMs?
Tracing this thread, I still am not clear what the transition scenario
is:
a) No changes to hosts, firmware upgrade to CPE and DSLAMs?
b) No changes to hosts, hardware upgrade to CPE, firmware upgrade to
DSLAMs?
c) Changes to hosts, firmware upgrades to CPE and DSLAMs?
d) Changes to hosts, hardware upgrades to CPE and DSLAMs?
I am sure there is a a) to z) of options here, all with their own
chances in the market. When all of our conversations with providers tend
to end is:
e) No changes to hosts, probably whole new CPE, no changes to DSLAMs, no
changes to aggregating switches, software upgrade to NAS, no flag day so
customers at their own speed running PPPoE can switch to IPoE without
re-provisioning when they get a new CPE for new services.
I do think over time that we will get a secure layer 2 capability driven
by enterprise requirements and supported by changes in host, CPE and all
manner of switches, but the time frame for that is simply unknowble.
Almost all proposals for authentication, at any layer seem to be
controversial, this makes them slow, including unfortunately DHCP Auth
it seems.
- Ric
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
