Re: [OSPF] New Version Notification for draft-acee-ospf-rfc6506bis-01.txt

Acee Lindem <acee.lindem@ericsson.com> Thu, 09 May 2013 18:03 UTC

Return-Path: <acee.lindem@ericsson.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB01521F93A5 for <ospf@ietfa.amsl.com>; Thu, 9 May 2013 11:03:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O0vLoOPEYN-T for <ospf@ietfa.amsl.com>; Thu, 9 May 2013 11:03:19 -0700 (PDT)
Received: from usevmg21.ericsson.net (usevmg21.ericsson.net [198.24.6.65]) by ietfa.amsl.com (Postfix) with ESMTP id 0E48F21F9378 for <ospf@ietf.org>; Thu, 9 May 2013 11:03:18 -0700 (PDT)
X-AuditID: c6180641-b7f906d000003e3f-02-518be4e4c5a4
Received: from EUSAAHC001.ericsson.se (Unknown_Domain [147.117.188.75]) by usevmg21.ericsson.net (Symantec Mail Security) with SMTP id 7D.BC.15935.4E4EB815; Thu, 9 May 2013 20:03:16 +0200 (CEST)
Received: from EUSAAMB101.ericsson.se ([147.117.188.118]) by EUSAAHC001.ericsson.se ([147.117.188.75]) with mapi id 14.02.0328.009; Thu, 9 May 2013 14:03:15 -0400
From: Acee Lindem <acee.lindem@ericsson.com>
To: OSPF List <ospf@ietf.org>
Thread-Topic: New Version Notification for draft-acee-ospf-rfc6506bis-01.txt
Thread-Index: AQHOTNzGePD/nn9nkU6Nq3KyxwKnJpj9aEUA
Date: Thu, 09 May 2013 18:03:14 +0000
Message-ID: <94A203EA12AECE4BA92D42DBFFE0AE4713F940@eusaamb101.ericsson.se>
References: <20130509174336.13252.85872.idtracker@ietfa.amsl.com>
In-Reply-To: <20130509174336.13252.85872.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.134]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <39332360BA8AE64DBF6F06EA6AB5BD55@ericsson.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrDLMWRmVeSWpSXmKPExsUyuXSPt+6TJ92BBg+/SVjs2ido8fNLJ6tF y7177A7MHlN+b2T1aDnyltVjyZKfTAHMUVw2Kak5mWWpRfp2CVwZ3w59Yy24LFEx++EP5gbG buEuRk4OCQETiUffD7ND2GISF+6tZwOxhQSOMkos+RnTxcgFZC9jlPjy4xozSIJNQEfi+aN/ YLaIgKzE0iX7WUFsZoFEiWt/Z4ANEhbwljix7Qk7RI2PxIKV94BqOIBsI4nbNwJBwiwCKhIL OpaDtfIClV9eu4cFpERIwFFi2+9MkDCngJPEwiWvmEBsRqDTvp9awwSxSVzi1pP5TBAnC0gs 2XOeGcIWlXj5+B8rhK0sseTJfhaIeh2JBbs/sUHY1hLnLiyHsrUlli18zQxxgqDEyZlPWCYw is9CsmIWkvZZSNpnIWmfhaR9ASPrKkaO0uLUstx0I8NNjMAYOybB5riDccEny0OM0hwsSuK8 iVyNgUIC6YklqdmpqQWpRfFFpTmpxYcYmTg4pRoYrWT1FFxuvFm10FHPMdffpa/mwXG33qsG nts2BRUp+2YaO++50i65afnv6+4XvixQELU5cHVfVZJRwvvTLBb3Y195HC3+/qFBYLJs1HzX dJX3yhIypgJHbnmyr2W4qTiDV+eW1frZFe3MK/T0xVtq23mEnEz3/X+p/2v+LIto1zSpX0cm LJ+vxFKckWioxVxUnAgA4KaE3X8CAAA=
Cc: Srinivasan K K L <klsrinivasan@huawei.com>
Subject: Re: [OSPF] New Version Notification for draft-acee-ospf-rfc6506bis-01.txt
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2013 18:03:24 -0000

There have been a couple errata filed on RFC 6505 (authors copied). As a service to the 
OSPF community and in an effort to ensure interoperable OSPFv3 authentication 
trailer implementations, I have produced a BIS draft. The changes are listed in 
section 1.2:

1.2.  Summary of Changes from RFC 6506

   This document includes the following changes from RFC 6506 [RFC6506]:

   1.  Sections 2.2 and 4.2 explicitly state the Link-Local Signalling
       (LLS) block checksum calculation is omitted when an OSPFv3
       authentication is used.  The LLS block is included in the
       authentication digest calculation and computation of a checksum
       is unneccessary.  Clarification of this issue was raised in an
       errata.

   2.  Section 4.5 includes a correction to the key preparation to use
       the protocol specific key (Ks) rather than the key (K) as the
       initial key (Ko).  This problem was also raised in an errata.

   3.  Section 4.5 also includes a discussion of the choice of key
       length to be the hash length (L) rather than the block size (B).
       The discussion of this choice was included to clarify an issue
       raised in a rejected errata.

   4.  Section 4.1 indicates that sequence number checking is dependent
       on OSPFv3 packet type in order to account for packet
       prioritization as specified in [RFC4222].  This was an omission
       from RFC 6506.


I would like to quickly move this to an OSPF WG document and begin the review process. I'm now soliciting feedback on OSPF WG adoption. 

Thanks,
Acee 


On May 9, 2013, at 1:43 PM, <internet-drafts@ietf.org>
 wrote:

> 
> A new version of I-D, draft-acee-ospf-rfc6506bis-01.txt
> has been successfully submitted by Manav Bhatia and posted to the
> IETF repository.
> 
> Filename:	 draft-acee-ospf-rfc6506bis
> Revision:	 01
> Title:		 Supporting Authentication Trailer for OSPFv3
> Creation date:	 2013-05-09
> Group:		 Individual Submission
> Number of pages: 25
> URL:             http://www.ietf.org/internet-drafts/draft-acee-ospf-rfc6506bis-01.txt
> Status:          http://datatracker.ietf.org/doc/draft-acee-ospf-rfc6506bis
> Htmlized:        http://tools.ietf.org/html/draft-acee-ospf-rfc6506bis-01
> Diff:            http://www.ietf.org/rfcdiff?url2=draft-acee-ospf-rfc6506bis-01
> 
> Abstract:
>   Currently, OSPF for IPv6 (OSPFv3) uses IPsec as the only mechanism
>   for authenticating protocol packets.  This behavior is different from
>   authentication mechanisms present in other routing protocols (OSPFv2,
>   Intermediate System to Intermediate System (IS-IS), RIP, and Routing
>   Information Protocol Next Generation (RIPng)).  In some environments,
>   it has been found that IPsec is difficult to configure and maintain
>   and thus cannot be used.  This document defines an alternative
>   mechanism to authenticate OSPFv3 protocol packets so that OSPFv3 does
>   not only depend upon IPsec for authentication.  This document
>   obsoletes RFC 6506.
> 
> 
> 
> 
> The IETF Secretariat
>