MACsec, or IEEE 802.1AE, is an encryption standard for wired LANs. It can protect DHCP traffic and VLANs, prevent tampering on ethernet headers. It can be used on its own, or rely on 802.1X for key distribution via the MACsec Key Agreement (MKA) extension.
This talk will give an overview of MACsec, present some use cases, describe the proposed implementation for the Linux kernel, and future work.