[rbridge] Threat and security analysis?
jukka.manner at tkk.fi
Fri May 28 08:44:58 PDT 2010
I was mostly thinking in the direction of
a) Deployment guidelines: what people should understand when looking for
deploying TRILL. Yes, concrete details would be good.
b) Future work: how could we make TRILL more secure and trustworthy than
legacy Ethernet since we don't need to carry all that legacy (yes, I
know, the simplicity requirement of TRILL is against this).
I don't have a pointer to Ethernet for comparison.
On 28.5.2010 18:18, Joe Touch wrote:
> Hi, Jukka,
> Jukka Manner wrote:
>> I was wondering, has anyone done a detailed analysis of the threats
>> associated with deploying and using TRILL? All the WG documens basically
>> just go around the topic by comparing and refering to other similar
>> technologies and saying that TRILL should not be worse.
> While I realize that such analyses are currently popular, what exactly
> is worth stating beyond "we're not worse than Ethernet"? Does that need
> to be shown in detail, e.g., in regards to the protocols/mechanisms we add:
> - IS-IS
> which we now depend on, rather than STP
> - edge label tables
> which should have the same issues as ARP
> It would be useful to point us to a similar threat analysis of Ethernet
> to build upon, but the key question I would have is:
> what do you expect in this doc that isn't already in
> the Security Considerations of the RFCs?
> rbridge mailing list
> rbridge at postel.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 359 bytes
Desc: not available
Url : http://mailman.postel.org/pipermail/rbridge/attachments/20100528/0d4bcb9c/jukka_manner-0001.vcf
More information about the rbridge