IETF Logo Mail Archive

Re: draft-ietf-ospf-ospfv3-auth-04.txt

Abhay Roy <akr@CISCO.COM> Sun, 11 July 2004 20:09 UTC

Received: from cherry.ease.lsoft.com (cherry.ease.lsoft.com [209.119.0.109]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA10371 for <ospf-archive@LISTS.IETF.ORG>; Sun, 11 Jul 2004 16:09:15 -0400 (EDT)
Received: from vms.dc.lsoft.com (209.119.0.2) by cherry.ease.lsoft.com (LSMTP for Digital Unix v1.1b) with SMTP id <11.00E101C8@cherry.ease.lsoft.com>; 11 Jul 2004 16:09:14 -0400
Received: from PEACH.EASE.LSOFT.COM by PEACH.EASE.LSOFT.COM (LISTSERV-TCP/IP release 1.8e) with spool id 25437843 for OSPF@PEACH.EASE.LSOFT.COM; Sun, 11 Jul 2004 16:09:12 -0400
Received: from 171.71.176.72 by WALNUT.EASE.LSOFT.COM (SMTPL release 1.0i) with TCP; Sun, 11 Jul 2004 16:09:12 -0400
Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-3.cisco.com with ESMTP; 11 Jul 2004 13:10:24 +0000
X-BrightmailFiltered: true
Received: from mira-sjc5-b.cisco.com (IDENT:mirapoint@mira-sjc5-b.cisco.com [171.71.163.14]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id i6BK9At1008767 for <OSPF@PEACH.EASE.LSOFT.COM>; Sun, 11 Jul 2004 13:09:10 -0700 (PDT)
Received: from irp-view9.cisco.com (irp-view9.cisco.com [171.70.65.147]) by mira-sjc5-b.cisco.com (MOS 3.4.5-GR) with ESMTP id AVG27838; Sun, 11 Jul 2004 13:07:59 -0700 (PDT)
References: <BB6D74C75CC76A419B6D6FA7C38317B22E8117@sinett-sbs.SiNett.LAN>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Message-ID: <Pine.GSO.4.58.0407111304170.5768@irp-view9.cisco.com>
Date: Sun, 11 Jul 2004 13:09:09 -0700
Reply-To: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
Sender: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
From: Abhay Roy <akr@CISCO.COM>
Subject: Re: draft-ietf-ospf-ospfv3-auth-04.txt
To: OSPF@PEACH.EASE.LSOFT.COM
In-Reply-To: <BB6D74C75CC76A419B6D6FA7C38317B22E8117@sinett-sbs.SiNett.LAN>
Precedence: list

Vishwas,

As the draft stands today, it doesn't venture into the security
mechanism(s). I guess we need to add something. My preference will
be to stick with IPSec even for OSPFv3 IPv4 AF (irrespective of
ipv4 or ipv6 transport).

Regards,
-Roy-

On 07/05/04-0700 at 10:41pm, Vishwas Manral writes:

> Hi Abhay,
>
> Good point, didnt know the draft was actually out(actually I
> think Sina/Michael actually started working on it togather a
> long long while back before the idea was dropped). Just curious
> would we still use IPSec or would we use the current
> authentication mechanism?
>
> To add further, we intend to add a draft to allow out of order
> sequence of packets with authentication enabled like in IPSec
> for OSPFv2 too. (IP does not guarentee inorder dilevery
> anyway/besides we can allow for packet prioritization)
>
> Thanks,
> Vishwas
>
> -----Original Message-----
> From: Mailing List [mailto:OSPF@PEACH.EASE.LSOFT.COM]On Behalf Of Abhay
> Roy
> Sent: Tuesday, July 06, 2004 11:04 AM
> To: OSPF@PEACH.EASE.LSOFT.COM
> Subject: Re: draft-ietf-ospf-ospfv3-auth-04.txt
>
>
> On 07/05/04-0500 at 2:19pm, Mukesh.Gupta@NOKIA.COM writes:
>
> > Hi Vishwas,
> >
> > Thanks for the comments.  Please see my comments inline..
> >
> > > 1. I am not sure we should have a statement which says OSPFv3
> > > is only for IPv6.
> > > "As OSPFv2 is only for IPv4 and OSPFv3 is only for IPv6,
> > > the distinction between the packets can be easily made by
> > > IP version. "
> >
> > Do you have a replacement statement that you would prefer ?
> > As the IP protocol type value for OSPF and OSPFv3 is same,
> > we have to depend upon the IP version to separate OSPF and
> > OSPFv3 packets.
>
> Just FYI, we can run OSPFv3 using IPv4 transport (see section 9 of
> draft-mirtorabi-ospfv3-af-alt-01.txt). In which case the demux
> will be based on OSPF protocol version.
>
> Regards,
> -Roy-
>

v2.23.0 | Report a Bug | By Email