Re: [OSPF] Revised OSPF HMAC SHA Authentication Draft

Russ White <riw@cisco.com> Tue, 22 August 2006 23:56 UTC

Message-ID: <44EB7216.3080008@cisco.com>
Date: Tue, 22 Aug 2006 17:07:34 -0400
From: Russ White <riw@cisco.com>
To: Acee Lindem <acee@cisco.com>
Subject: Re: [OSPF] Revised OSPF HMAC SHA Authentication Draft
References: <6ed23a860608210420h19486857i748aa01cf65a91c9@mail.gmail.com> <20060821142220.63912.qmail@web25406.mail.ukl.yahoo.com> <6ed23a860608210951m6104514fw16ba3215e45df7eb@mail.gmail.com> <44EB5EA3.2030102@cisco.com>
In-Reply-To: <44EB5EA3.2030102@cisco.com>
Cc: ospf@ietf.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> I'd also vote against this since the standardized definition of 
> cryptographic authentication (AuType = 2) was designed to accommodate
> different hash algorithms. Based on the discussion heretofore, it
> seems that its definition satisfies this requirement. Additionally, I
> don't see any compatibility problems with implementations that
> unequivocally map AuType 2 to MD5 authentication. As one would
> expect, authentication will fail (at least with a very high 
> probability :^) if there is a mismatch between configured hash
> algorithms.

Agreed--I would agree this is the best way to handle this.

:-)

Russ

- --
riw@cisco.com CCIE <>< Grace Alone

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE63IWER27sUhU9OQRAlQ9AKDMTNxCGSlvsYfm13dimdbPkZUBMwCgxLPO
kG7cKpSwagLsx+4T2ZjbB+Q=
=wtHk
-----END PGP SIGNATURE-----
