Re: [OSPF] FW: New Version Notification for draft-ietf-ospf-security-extension-manual-keying-09.txt
Alia Atlas <akatlas@gmail.com> Tue, 07 October 2014 14:47 UTC
Return-Path: <akatlas@gmail.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DAF21A1BB4 for <ospf@ietfa.amsl.com>; Tue, 7 Oct 2014 07:47:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.485
X-Spam-Level:
X-Spam-Status: No, score=-0.485 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_RHS_DOB=1.514] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tkRatgJxAGMn for <ospf@ietfa.amsl.com>; Tue, 7 Oct 2014 07:47:48 -0700 (PDT)
Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B547D1A6F90 for <ospf@ietf.org>; Tue, 7 Oct 2014 07:47:47 -0700 (PDT)
Received: by mail-wi0-f173.google.com with SMTP id fb4so8130838wid.0 for <ospf@ietf.org>; Tue, 07 Oct 2014 07:47:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=JRA9r45DCegYojLkwqSiL+V/idZE5w/nrYqR3RLx/3c=; b=hlgriqn5JomraJmAEwXF97No31X1Uup4mcEzsP3eID4dLMG5xYc6ALoPpy91Fl1cD3 xQEKrmVf+Hqsc0ULGBVHo3a7z1twValkGX0MFSgIAJXRmf29xdSKz2W9r0BX/etWXLXa l9v2JoyBILxna0C22RsGzHu41rlJZfSNFCMMUGq7PdCngOPbkzOW/WwLAD182C46pRRf m0Q0X3hxZTR1OzJkE2FjZKP5V7IUgH3WAaszcsnHyT0lhysJDsUQctzGzs0FEaDTMlcl vGaHpKQU+rzD+LOpLg2AlbXrOw68FiXxwUs3oRJswZpTrIW87N7bDZr3uIBJqXRjHi2t NTbA==
MIME-Version: 1.0
X-Received: by 10.194.184.111 with SMTP id et15mr5495629wjc.14.1412693266181; Tue, 07 Oct 2014 07:47:46 -0700 (PDT)
Received: by 10.217.69.138 with HTTP; Tue, 7 Oct 2014 07:47:46 -0700 (PDT)
In-Reply-To: <D0596902.440E%acee@cisco.com>
References: <20141007103803.28280.59076.idtracker@ietfa.amsl.com> <D0596902.440E%acee@cisco.com>
Date: Tue, 07 Oct 2014 10:47:46 -0400
Message-ID: <CAG4d1rdUr-Aqhxz31QQ9hzpqgFSwtGoYcBPdn+u4jY6uudy6ww@mail.gmail.com>
From: Alia Atlas <akatlas@gmail.com>
To: "Acee Lindem (acee)" <acee@cisco.com>
Content-Type: multipart/alternative; boundary="047d7ba97e9a4eb38f0504d64832"
Archived-At: http://mailarchive.ietf.org/arch/msg/ospf/j-hlCWm0fLqShuyJcGtDPilu5pU
Cc: OSPF WG List <ospf@ietf.org>
Subject: Re: [OSPF] FW: New Version Notification for draft-ietf-ospf-security-extension-manual-keying-09.txt
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Oct 2014 14:47:49 -0000
Acee, Looks good - thanks! Alia On Tue, Oct 7, 2014 at 9:56 AM, Acee Lindem (acee) <acee@cisco.com> wrote: > This version just addresses Alia¹s AD review comments. The draft is in > IESG Last Call. > Thanks, > Acee > > On 10/7/14, 6:38 AM, "internet-drafts@ietf.org" <internet-drafts@ietf.org> > wrote: > > > > >A new version of I-D, > >draft-ietf-ospf-security-extension-manual-keying-09.txt > >has been successfully submitted by Manav Bhatia and posted to the > >IETF repository. > > > >Name: draft-ietf-ospf-security-extension-manual-keying > >Revision: 09 > >Title: Security Extension for OSPFv2 when using Manual Key > Management > >Document date: 2014-10-06 > >Group: ospf > >Pages: 13 > >URL: > > > http://www.ietf.org/internet-drafts/draft-ietf-ospf-security-extension-man > >ual-keying-09.txt > >Status: > > > https://datatracker.ietf.org/doc/draft-ietf-ospf-security-extension-manual > >-keying/ > >Htmlized: > > > http://tools.ietf.org/html/draft-ietf-ospf-security-extension-manual-keyin > >g-09 > >Diff: > > > http://www.ietf.org/rfcdiff?url2=draft-ietf-ospf-security-extension-manual > >-keying-09 > > > >Abstract: > > The current OSPFv2 cryptographic authentication mechanism as defined > > in RFC 2328 and RFC 5709 is vulnerable to both inter-session and > > intra-session replay attacks when using manual keying. Additionally, > > the existing cryptographic authentication mechanism does not cover > > the IP header. This omission can be exploited to carry out various > > types of attacks. > > > > This draft proposes changes to the authentication sequence number > > mechanism that will protect OSPFv2 from both inter-session and intra- > > session replay attacks when using manual keys for securing OSPFv2 > > protocol packets. Additionally, we also describe some changes in the > > cryptographic hash computation that will eliminate attacks resulting > > from OSPFv2 not protecting the IP header. > > > > > > > > > > > >Please note that it may take a couple of minutes from the time of > >submission > >until the htmlized version and diff are available at tools.ietf.org. > > > >The IETF Secretariat > > > > _______________________________________________ > OSPF mailing list > OSPF@ietf.org > https://www.ietf.org/mailman/listinfo/ospf >
- [OSPF] FW: New Version Notification for draft-iet… Acee Lindem (acee)
- Re: [OSPF] FW: New Version Notification for draft… Alia Atlas