[tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-04.txt
Internet-Drafts@ietf.org Mon, 09 March 2009 19:00 UTC
Return-Path: <root@core3.amsl.com>
X-Original-To: tcpm@ietf.org
Delivered-To: tcpm@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 0) id 9B1F93A69DE; Mon, 9 Mar 2009 12:00:01 -0700 (PDT)
From: Internet-Drafts@ietf.org
To: i-d-announce@ietf.org
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
Message-Id: <20090309190001.9B1F93A69DE@core3.amsl.com>
Date: Mon, 09 Mar 2009 12:00:01 -0700
Cc: tcpm@ietf.org
Subject: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-04.txt
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2009 19:00:01 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF. Title : The TCP Authentication Option Author(s) : J. Touch, et al. Filename : draft-ietf-tcpm-tcp-auth-opt-04.txt Pages : 48 Date : 2009-03-09 This document specifies the TCP Authentication Option (TCP-AO), which obsoletes the TCP MD5 Signature option of RFC-2385 (TCP MD5). TCP-AO specifies the use of stronger Message Authentication Codes (MACs), protects against replays even for long-lived TCP connections, and provides more details on the association of security with TCP connections than TCP MD5. TCP-AO is compatible with either static master key configuration or an external, out-of-band master key management mechanism; in either case, TCP-AO also protects connections when using the same master key across repeated instances of a connection, using traffic keys derived from the master key, and coordinates key changes between endpoints. The result is intended to support current infrastructure uses of TCP MD5, such as to protect long-lived connections (as used, e.g., in BGP and LDP), and to support a larger set of MACs with minimal other system and operational changes. TCP-AO uses its own option identifier, even though used mutually exclusive of TCP MD5 on a given TCP connection. TCP-AO supports IPv6, and is fully compatible with the requirements for the replacement of TCP MD5. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-04.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.
- [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-04… Internet-Drafts
- Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-op… Joe Touch
- Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-op… Eddy, Wesley M. (GRC-RCN0)[Verizon]