[mpls] Protocol Action: 'LDP Hello Cryptographic Authentication' to Proposed Standard (draft-ietf-mpls-ldp-hello-crypto-auth-10.txt)
The IESG <iesg-secretary@ietf.org> Mon, 23 June 2014 14:01 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Date: Mon, 23 Jun 2014 07:00:55 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/mpls/n6oTfImgSLUX2KcV1NmVimA8f1I
Cc: mpls mailing list <mpls@ietf.org>, mpls chair <mpls-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
The IESG has approved the following document:
- 'LDP Hello Cryptographic Authentication'
  (draft-ietf-mpls-ldp-hello-crypto-auth-10.txt) as Proposed Standard

This document is the product of the Multiprotocol Label Switching Working Group.

The IESG contact persons are Adrian Farrel and Alia Atlas.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-mpls-ldp-hello-crypto-auth/

Technical Summary

This document introduces a new optional Cryptographic Authentication TLV that LDP can use to secure its Hello messages. It secures the Hello messages against spoofing attacks and some well-known attacks against the IP header. This document describes a mechanism to secure the LDP Hello messages using the National Institute of Standards and Technology (NIST) Secure Hash Standard family of algorithms.

Working Group Summary

Taking a mostly security document through a working group like MPLS is a bit tricky. Most of the participants do not have their focus on security issues. While a large majority agree that the security work has a huge value, it is often not highest on the priority list for the average MPLS participant.

Securing routing protocols, like LDP, started with an analysis done by the KARP working group. KARP pointed to the UDP-based Hello messages as a potential risk.

The current draft has been developed by the MPLS working group and reviewed by KARP during WGLC. The comments from people active in KARP have been very valuable.

Document Quality

Currently we do not know of existing implementations of this draft. The SecDir review from Yaron Sheffer took a while to resolve, but has improved the document.

Personnel

Adrian Farrel is the Responsible AD.
Loa Andersson is the Document Shepherd.