IETF Logo Mail Archive

[OPSEC] FW: minutes part 2

Michael Barnes <mjbarnes@cisco.com> Wed, 24 December 2008 04:35 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B9CBE3A6B4F; Tue, 23 Dec 2008 20:35:45 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3009D3A6B52 for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 17:06:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HT2GDkuYsON7 for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 17:06:44 -0800 (PST)
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by core3.amsl.com (Postfix) with ESMTP id 62BB73A6B4F for <opsec@ietf.org>; Tue, 23 Dec 2008 17:06:43 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.36,274,1228089600"; d="scan'208";a="218735921"
Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-6.cisco.com with ESMTP; 24 Dec 2008 01:06:34 +0000
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id mBO16YdL001630 for <opsec@ietf.org>; Tue, 23 Dec 2008 17:06:34 -0800
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id mBO16YFh016923 for <opsec@ietf.org>; Wed, 24 Dec 2008 01:06:34 GMT
Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 23 Dec 2008 17:06:34 -0800
Received: from [10.21.147.221] ([10.21.147.221]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 23 Dec 2008 17:06:34 -0800
Message-ID: <49518B19.4050803@cisco.com>
Date: Tue, 23 Dec 2008 17:06:33 -0800
From: Michael Barnes <mjbarnes@cisco.com>
User-Agent: Thunderbird 2.0.0.14 (X11/20080501)
MIME-Version: 1.0
To: opsec@ietf.org
X-OriginalArrivalTime: 24 Dec 2008 01:06:34.0439 (UTC) FILETIME=[DD384570:01C96563]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1164; t=1230080794; x=1230944794; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mjbarnes@cisco.com; z=From:=20Michael=20Barnes=20<mjbarnes@cisco.com> |Subject:=20FW=3A=20[OPSEC]=20minutes=20part=202 |Sender:=20; bh=uxW7t7eqUGccr3duek8RzQe9DDloDUmzmaIg96H+q9w=; b=cQJ2b4S0IhtEs5HLInsRDQKDMcxQXlrFR5ZUfS3cNuYJSol/+8maDgnIZE RjxZwmFVBxl9dFLwNG9IHk7UVIU3uFj6V5jZaZyFcVldPzSwlboqt+xLrgKd D+yT89BIMR;
Authentication-Results: sj-dkim-4; header.From=mjbarnes@cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; );
X-Mailman-Approved-At: Tue, 23 Dec 2008 20:35:44 -0800
Subject: [OPSEC] FW: minutes part 2
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

> -----Original Message-----
> From: opsec-bounces@ietf.org [mailto:opsec-bounces@ietf.org] 
> On Behalf Of R Atkinson
> Sent: Wednesday, December 17, 2008 6.58 AM
> To: opsec@ietf.org
> Subject: Re: [OPSEC] minutes part 2
> 
> 
> Vishwas,
> 
> Can we please get answers to these questions -- which in fact
> are entirely on topic for the OPsec WG, since they are all
> operational security matters ?
> 
> (Single quotes are from me; double-quotes are from Vishwas'
> earlier emails.)

<snip>

> 4:  Availability of SHA mechanisms for IGP authentication
> > Further, there are no known shipping implementations of
> > SHA authentication for any IETF-specified IGP.
> > (I don't know of any that are even "in progress".)
> >> We know of a few including a big router vendor. :))
> 
> Which ?  How many ?  When ?
> Are they shipping now or in progress now ?

I am working on an enhancement to use HMAC SHA for OSPF authentication, 
based on the document to which I'm a co-author. This is a "spare time" 
project for me so I don't have an ETA. We do have customers who have 
expressed interest in this enhancement.

Regards,
Michael
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email