Re: [OSPF] New Version Notification for draft-acee-ospf-rfc6506bis-01.txt
Michael Barnes <mjbarnes@cisco.com> Thu, 06 June 2013 20:12 UTC
Return-Path: <mjbarnes@cisco.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6E2F21F96DE for <ospf@ietfa.amsl.com>; Thu, 6 Jun 2013 13:12:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qth8AmWiez0z for <ospf@ietfa.amsl.com>; Thu, 6 Jun 2013 13:12:12 -0700 (PDT)
Received: from mtv-iport-4.cisco.com (mtv-iport-4.cisco.com [173.36.130.15]) by ietfa.amsl.com (Postfix) with ESMTP id 6468C21F96EB for <ospf@ietf.org>; Thu, 6 Jun 2013 13:12:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3504; q=dns/txt; s=iport; t=1370549532; x=1371759132; h=message-id:date:from:mime-version:to:subject:references: in-reply-to:content-transfer-encoding; bh=ln/TN37D1pHrTaodJom2HvFK31Hq6CXyCTrNNOTDcak=; b=WUfMBYHCihLPSNGUBltKbOoqZV+N54BI4qJ2mVIy/+5/Av28xvPsML49 Cv5JNpjQdLgiwwC7idOWvrX0sjz35jZpUY0T/u67fx+/MgdUQyLIkX/XC F+Teoeb5lvfVDhhxoBOP6Nbt6nmwuAvn/867qslNIx2ZOr7PY7W9OZgqp 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhMFAPTrsFGrRDoG/2dsb2JhbABZgwkwAUK/B3oWdIIjAQEBBAEBATU2CQERCxgJDAoPCQMCAQIBFTATBgIBAQULh3gIBbtRjzkKg1EDiSCKTYNSgSmEdYsigy8c
X-IronPort-AV: E=Sophos;i="4.87,817,1363132800"; d="scan'208";a="82913805"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by mtv-iport-4.cisco.com with ESMTP; 06 Jun 2013 20:12:11 +0000
Received: from [10.21.149.43] (sjc-vpn7-1323.cisco.com [10.21.149.43]) by mtv-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id r56KC3fp009978 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ospf@ietf.org>; Thu, 6 Jun 2013 20:12:09 GMT
Message-ID: <51B0ED10.1090007@cisco.com>
Date: Thu, 06 Jun 2013 13:12:00 -0700
From: Michael Barnes <mjbarnes@cisco.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130110 Thunderbird/17.0.2
MIME-Version: 1.0
To: ospf@ietf.org
References: <20130509174336.13252.85872.idtracker@ietfa.amsl.com> <94A203EA12AECE4BA92D42DBFFE0AE4713F940@eusaamb101.ericsson.se>
In-Reply-To: <94A203EA12AECE4BA92D42DBFFE0AE4713F940@eusaamb101.ericsson.se>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [OSPF] New Version Notification for draft-acee-ospf-rfc6506bis-01.txt
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jun 2013 20:12:16 -0000
I agree these are good changes. Acee, please move forward with this draft. Thanks, Michael On 05/09/2013 11:03 AM, Acee Lindem wrote: > There have been a couple errata filed on RFC 6505 (authors copied). As a service to the > OSPF community and in an effort to ensure interoperable OSPFv3 authentication > trailer implementations, I have produced a BIS draft. The changes are listed in > section 1.2: > > 1.2. Summary of Changes from RFC 6506 > > This document includes the following changes from RFC 6506 [RFC6506]: > > 1. Sections 2.2 and 4.2 explicitly state the Link-Local Signalling > (LLS) block checksum calculation is omitted when an OSPFv3 > authentication is used. The LLS block is included in the > authentication digest calculation and computation of a checksum > is unneccessary. Clarification of this issue was raised in an > errata. > > 2. Section 4.5 includes a correction to the key preparation to use > the protocol specific key (Ks) rather than the key (K) as the > initial key (Ko). This problem was also raised in an errata. > > 3. Section 4.5 also includes a discussion of the choice of key > length to be the hash length (L) rather than the block size (B). > The discussion of this choice was included to clarify an issue > raised in a rejected errata. > > 4. Section 4.1 indicates that sequence number checking is dependent > on OSPFv3 packet type in order to account for packet > prioritization as specified in [RFC4222]. This was an omission > from RFC 6506. > > > I would like to quickly move this to an OSPF WG document and begin the review process. I'm now soliciting feedback on OSPF WG adoption. > > Thanks, > Acee > > > On May 9, 2013, at 1:43 PM, <internet-drafts@ietf.org> > wrote: > >> >> A new version of I-D, draft-acee-ospf-rfc6506bis-01.txt >> has been successfully submitted by Manav Bhatia and posted to the >> IETF repository. >> >> Filename: draft-acee-ospf-rfc6506bis >> Revision: 01 >> Title: Supporting Authentication Trailer for OSPFv3 >> Creation date: 2013-05-09 >> Group: Individual Submission >> Number of pages: 25 >> URL: http://www.ietf.org/internet-drafts/draft-acee-ospf-rfc6506bis-01.txt >> Status: http://datatracker.ietf.org/doc/draft-acee-ospf-rfc6506bis >> Htmlized: http://tools.ietf.org/html/draft-acee-ospf-rfc6506bis-01 >> Diff: http://www.ietf.org/rfcdiff?url2=draft-acee-ospf-rfc6506bis-01 >> >> Abstract: >> Currently, OSPF for IPv6 (OSPFv3) uses IPsec as the only mechanism >> for authenticating protocol packets. This behavior is different from >> authentication mechanisms present in other routing protocols (OSPFv2, >> Intermediate System to Intermediate System (IS-IS), RIP, and Routing >> Information Protocol Next Generation (RIPng)). In some environments, >> it has been found that IPsec is difficult to configure and maintain >> and thus cannot be used. This document defines an alternative >> mechanism to authenticate OSPFv3 protocol packets so that OSPFv3 does >> not only depend upon IPsec for authentication. This document >> obsoletes RFC 6506. >> >> >> >> >> The IETF Secretariat >> > > _______________________________________________ > OSPF mailing list > OSPF@ietf.org > https://www.ietf.org/mailman/listinfo/ospf >
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem
- Re: [OSPF] New Version Notification for draft-ace… Michael Barnes
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem
- Re: [OSPF] New Version Notification for draft-ace… Marek Karasek (mkarasek)
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem
- Re: [OSPF] New Version Notification for draft-ace… Anton Smirnov
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem
- Re: [OSPF] New Version Notification for draft-ace… Marek Karasek (mkarasek)
- Re: [OSPF] New Version Notification for draft-ace… Acee Lindem