nanog mailing list archives

Re: Security over SONET/SDH

From: Christopher Morrow <morrowc.lists () gmail com>
Date: Mon, 24 Jun 2013 22:59:02 -0400

On Mon, Jun 24, 2013 at 10:25 PM, joel jaeggli <joelja () bogus com> wrote:

Securing the link layer however is not a replacement for an end to end
solution so just because it's protecting the air interface(s) doesn't really
mean somebody not looking at the traffic elsewhere.


it's fair to say, I think, that if you want to  say something on the
network it's best that you consider:
  1) is the communication something private between you and another party(s)
  2) is the communication going to be seen by other than you +
the-right-other-party(s)

and probably assume 2 is always going to be the case... So, if 1) is
true then make some way to keep it private:
  ssl + checking certs 'properly' (where is dane?)
  gpg + good key material security
  private-key/shared-key - don't do this, everyone screws this up.

-chris

Current thread:

Re: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH], (continued)
- - - Re: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH] Dobbins, Roland (Jun 25)
    - Re: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH] Dobbins, Roland (Jun 25)
    - Message not available
    - Re: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH] Hank Nussbacher (Jun 25)
    - Re: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH] Warren Bailey (Jun 25)
    - Re: Security over SONET/SDH JP Velders (Jun 29)
- Re: Security over SONET/SDH Scott Weeks (Jun 24)
  - RE: Security over SONET/SDH Jamie Bowden (Jun 24)
    - Re: Security over SONET/SDH Gary Buhrmaster (Jun 24)
    - Re: Security over SONET/SDH Mike A (Jun 24)
  - Re: Security over SONET/SDH joel jaeggli (Jun 24)
    - Re: Security over SONET/SDH Christopher Morrow (Jun 24)
    - Re: Security over SONET/SDH Philip Dorr (Jun 24)
    - Re: Security over SONET/SDH Mike A (Jun 25)
- Re: Security over SONET/SDH Scott Weeks (Jun 25)
  - Re: Security over SONET/SDH Glen Turner (Jun 25)
    - Re: Security over SONET/SDH sam (Jun 25)
  - Re: Security over SONET/SDH William Allen Simpson (Jun 25)
    - Re: Security over SONET/SDH Christopher Morrow (Jun 25)
- Re: Security over SONET/SDH Scott Weeks (Jun 25)
  - Re: Security over SONET/SDH sam (Jun 25)
    - Re: Security over SONET/SDH Phil Fagan (Jun 25)

(Thread continues...)