mark seery mark.a.seery at
Sat Sep 19 03:56:37 UTC 2020

> Sounds like you're making a/the case for MACSec :-).

While I get your point, and it is a good one, no. Once lawyers, finance, and other functions get involved, it goes from being just another technology, to a pain for suppliers and customers alike. Export laws complicate implementation, and vendors can only afford and/or have the operational agility, to do an implementation once. Any security tech that is sufficiently interesting, is going to be a pain for router vendors to implement and operationalize given the government’s attitude to such tech. The lower in the stack it is, the bigger the pain. 

That said, vendors are being asked to put MACSec in and I suspect more platforms supporting it will become available over time.

More information about the NANOG mailing list