MACsec SFP

Randy Bush randy at psg.com
Wed Jun 25 05:23:08 UTC 2014


>> i have always been fond of rfc 4808 and not the unnecessarily complex
>> alternatives such as tcp-ao.
> sure... but to do this you have to be able to program the keys from
> the platform the SFP is plugged into.. .not via the sfp itself
> (outside the chassis)

i was advocating the general method, prepping key roll, not the
particular use in md5 tcp

randy



More information about the NANOG mailing list