RE: [Isis-wg] Cryptographic Algorithm Implementation Requirements for IS-IS
"Manav Bhatia" <manav_bhatia06@yahoo.co.uk> Mon, 24 July 2006 04:15 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G4rrC-0003Ai-0g; Mon, 24 Jul 2006 00:15:50 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G4rrA-0003Ad-SR for isis-wg@ietf.org; Mon, 24 Jul 2006 00:15:49 -0400
Received: from smtp008.mail.ukl.yahoo.com ([217.12.11.62]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1G4rr9-0001u5-4h for isis-wg@ietf.org; Mon, 24 Jul 2006 00:15:48 -0400
Received: (qmail 18117 invoked from network); 24 Jul 2006 04:15:36 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.uk; h=Received:From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:In-Reply-To:X-MimeOLE:Thread-Index; b=YG3jDiKSK+MuIk6w8x5Szrjfk0yEjj9AsHkI1WkXkESTiCCcLBfmVaoveHfKNUsyub5ySTXXjZDTshluBiK8aDjxH5isB3wmZkqAfiRu/UK6EBcJEksa3W0+YWabmSTungx3hUzvo9ReShcqnj6BxJr2mBIcuF1IjUCWUtSi71Y= ;
Received: from unknown (HELO pfloyd) (manav?bhatia06@202.144.106.188 with login) by smtp008.mail.ukl.yahoo.com with SMTP; 24 Jul 2006 04:15:35 -0000
From: Manav Bhatia <manav_bhatia06@yahoo.co.uk>
To: 'Jack Kohn' <kohn.jack@gmail.com>
Subject: RE: [Isis-wg] Cryptographic Algorithm Implementation Requirements for IS-IS
Date: Mon, 24 Jul 2006 09:45:18 +0530
Message-ID: <003901c6aed7$c7bad630$260218ac@rs.riverstonenet.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <dc8fd0140607221120p40e4e7dbi3eca8e2bd01610c8@mail.gmail.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
Thread-Index: Acatu5SWeGwYNfdWQg6352jcYCdPCQBGq9mQ
X-Spam-Score: 0.9 (/)
X-Scan-Signature: b7b9551d71acde901886cc48bfc088a6
Cc: isis-wg@ietf.org
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/isis-wg>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
Errors-To: isis-wg-bounces@ietf.org
Jack, These definitions have been used in RFCs (4305 and 4307), internet drafts and the community since quite some time and I don't think there should be any problem there. In cryptography, algorithms believed to be secure today may get broken any time tomorrow and we need to continuously deprecate such algorithms. Thus an algorithm marked as MUST may not always remain a MUST and it may need to be demoted if there are weaknesses found there. Hope this helps. Manav # -----Original Message----- # From: Jack Kohn [mailto:kohn.jack@gmail.com] # Sent: Saturday, July 22, 2006 11:51 PM # To: manav_bhatia06@yahoo.co.uk # Cc: isis-wg@ietf.org # Subject: RE: [Isis-wg] Cryptographic Algorithm Implementation # Requirements for IS-IS # # Manav, # # Would your definitions of new RFC 2119 language be acceptable to the # IESG? I personally dont have a huge problem with it, but I'm just # making sure that flies with the IESG (or the powers to be). # # Jack # # ----- Original Message ---- # From: Manav Bhatia <manav_bhatia06@yahoo.co.uk> # To: isis <isis-wg@ietf.org> # Sent: Saturday, 22 July, 2006 7:09:39 AM # Subject: [Isis-wg] Cryptographic Algorithm Implementation # Requirements for IS-IS # # Hi, # # This draft follows the ISIS HMAC SHA authentication draft that was # presented in Montreal. # # This document lists down the various authentication schemes and # algorithms that IS-IS can use to authenticate its PDUs. Further to # ensure interop between different # implementations, it specifies a set of MUST/SHOULD/MAY support auth # schemes/algos to ensure that there is atleast 1 auth algo/scheme that # all implementations support. # # This is basically an equivalent of RFC 4305 for IS-IS. # # The nature of cryptography is that new algorithms surface continuously # and existing algorithms are continuously attacked. An algorithm # believed to be strong today may be demonstrated to be weak tomorrow. # Given this, the choice of mandatory-to-implement algorithm should be # conservative so as to minimize the likelihood of it being compromised # quickly. # # Also, we need to recognize that the mandatory-to-implement # algorithm(s) may need to change over time to adapt to the changing # world. For this reason, the selection of mandatory-to-implement # algorithms should not be included in the base IS-IS specification. # This way it is only this document that needs to get updated, whenever # there is a need to update the status of mandatory-to-implement # authentication algorithms or if some authentication algorithms are # deprecated/obsoleted. # # A URL for this Internet-Draft is: # http://www.ietf.org/internet-drafts/draft-bhatia-manral-crypto -req-isis-00.txt # # Thanks, # Manav # # > ----- Forwarded Message ---- # > From: Internet-Drafts@ietf.org # > To: i-d-announce@ietf.org # > Sent: Saturday, July 22, 2006 1:20:01 AM # > Subject: I-D ACTION:draft-bhatia-manral-crypto-req-isis-00.txt ___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com _______________________________________________ Isis-wg mailing list Isis-wg@ietf.org https://www1.ietf.org/mailman/listinfo/isis-wg
- [Isis-wg] Cryptographic Algorithm Implementation … Manav Bhatia
- RE: [Isis-wg] Cryptographic Algorithm Implementat… Manav Bhatia