ieee802-dot1ae

Organization:

Institute of Electrical and Electronics Engineers

Module:

ieee802-dot1ae

Version:

2021-11-09

File:

ieee802-dot1ae.yang

Abstract:

The MAC security entity (SecY) MIB module. A SecY is a protocol shim providing MAC Security (MACsec) in an interface stack. Eac...

Contact:

WG-URL: http://ieee802.org/1/
WG-EMail: stds-802-1-l@ieee.org

Contact: IEEE 802.1 Working Group Chair
Postal: C/O IEEE 802.1 Working Group
IEEE Standards Association
445 Hoes Lane
Piscataway, NJ 08855
USA

E-mail: stds-802-1-chairs@ieee.org

Check for an additional details:

YANG Catalog

Description:

The MAC security entity (SecY) MIB module. A SecY is a protocol
shim providing MAC Security (MACsec) in an interface stack.

Each SecY transmits MACsec protected frames on one or more Secure
Channels (SCs) to each of the other SecYs attached to the same LAN
and participating in the same Secure Connectivity Association
(CA). The CA is a security relationship, that is established and
maintained by key agreement protocols and supported by MACsec to
provide full connectivity between its participants. Each SC
provides unidirectional point to multipoint connectivity from one
participant to all the others and is supported by a succession of
similarly point to multipoint Secure Associations (SAs). The
Secure Association Key (SAK) used to protect frames is changed as
an SA is replaced by its (overlapping) successor so fresh keys can
be used without disrupting a long lived SC and CA.

Two different upper interfaces, a Controlled Port (for frames
protected by MACsec, providing an instance of the secure MAC
service) and an Uncontrolled Port (for frames not requiring
protection, like the key agreement frames used to establish the CA
and distribute keys) are associated with a SecY shim.