[OSPF] Fwd: New Version Notification for draft-ietf-ospf-security-extension-manual-keying-06.txt

Acee Lindem <acee.lindem@ericsson.com> Mon, 25 November 2013 19:19 UTC

From: Acee Lindem <acee.lindem@ericsson.com>
To: OSPF List <ospf@ietf.org>

This version includes the key table clarifications to packet transmission and reception that I talked about in the IETF 88 OSPF WG meeting. Hopefully, we can WG last call this draft soon.
Thanks,
Acee

Begin forwarded message:

From: <internet-drafts@ietf.org>
Date: November 25, 2013 1:54:13 PM EST
To: Manav Bhatia <manav.bhatia@alcatel-lucent.com>, Sam Hartman <hartmans@painless-security.com>, Dacheng Zhang <zhangdacheng@huawei.com>, Acee Lindem <acee.lindem@ericsson.com>
Subject: New Version Notification for draft-ietf-ospf-security-extension-manual-keying-06.txt


A new version of I-D, draft-ietf-ospf-security-extension-manual-keying-06.txt
has been successfully submitted by Manav Bhatia and posted to the
IETF repository.

Filename: draft-ietf-ospf-security-extension-manual-keying
Revision: 06
Title: Security Extension for OSPFv2 when using Manual Key Management
Creation date: 2013-11-25
Group: ospf
Number of pages: 13
URL:             http://www.ietf.org/internet-drafts/draft-ietf-ospf-security-extension-manual-keying-06.txt
Status:          http://datatracker.ietf.org/doc/draft-ietf-ospf-security-extension-manual-keying
Htmlized:        http://tools.ietf.org/html/draft-ietf-ospf-security-extension-manual-keying-06
Diff:            http://www.ietf.org/rfcdiff?url2=draft-ietf-ospf-security-extension-manual-keying-06

Abstract:
  The current OSPFv2 cryptographic authentication mechanism as defined
  in RFC 2328 and RFC 5709 is vulnerable to both inter-session and
  intra-session replay attacks when using manual keying.  Additionally,
  the existing cryptographic authentication schemes do not cover the IP
  header.  This omission can be exploited to carry out various types of
  attacks.

  This draft proposes changes to the authentication sequence number
  mechanism that will protect OSPFv2 from both inter-session and intra-
  session replay attacks when using manual keys for securing OSPFv2
  protocol packets.  Additionally, we also describe some changes in the
  cryptographic hash computation so that we eliminate most attacks that
  result from OSPFv2 not protecting the IP header.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat