| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Feb 2022 08:20:24 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Hans Schultz <schultz.hans@...il.com>
Cc: davem@...emloft.net, netdev@...r.kernel.org,
Andrew Lunn <andrew@...n.ch>,
Vivien Didelot <vivien.didelot@...il.com>,
Florian Fainelli <f.fainelli@...il.com>,
Vladimir Oltean <olteanv@...il.com>,
Roopa Prabhu <roopa@...dia.com>,
Nikolay Aleksandrov <nikolay@...dia.com>,
Shuah Khan <shuah@...nel.org>,
Stephen Suryaputra <ssuryaextr@...il.com>,
David Ahern <dsahern@...nel.org>,
Ido Schimmel <idosch@...dia.com>,
Petr Machata <petrm@...dia.com>,
Amit Cohen <amcohen@...dia.com>,
Po-Hsu Lin <po-hsu.lin@...onical.com>,
Baowen Zheng <baowen.zheng@...igine.com>,
linux-kernel@...r.kernel.org, bridge@...ts.linux-foundation.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH net-next v4 0/5] Add support for locked bridge ports
(for 802.1X)
On Wed, 23 Feb 2022 09:40:59 +0100 Hans Schultz wrote:
> > You still haven't answer my question. Is the data plane clear text in
> > the deployment you describe?
>
> Sorry, I didn't understand your question in the first instance. So as
> 802.1X is only about authentication/authorization, the port when opened
> for a host is like any other switch port and thus communication is in
> the clear.
Alright, thanks for clarifying!
> I have not looked much into macsec (but know ipsec), and that is a
> crypto (key) based connection mechanism, but that is a totally different
> ballgame, and I think it would for most practical cases require hardware
> encryption.
Powered by blists - more mailing lists