Pieter Hulshoff phulshof at
Wed Jun 25 20:51:04 UTC 2014

On 25-06-14 22:45, Christopher Morrow wrote:
> today you program the key (on switches that do macsec, not in an SFP
> that does it for you, cause those don't exist, yet) in your router
> config and as near as I have seen there isn't a key distribution
> protocol aside from that which you write/manage yourself and which is
> likely using ssh/snmp(ick)/telnet(ick).

I'm not familiar with the MACsec key distribution available in current 
routers/switches. Are you saying Cisco doesn't support EAP and/or MKA 
for this purpose or just that the command protocol for configuring 
EAP/MKA is run via SSH/SNMP/telnet?

Kind regards,

Pieter Hulshoff

More information about the NANOG mailing list