| draft-ietf-bfd-optimizing-authentication-03.txt | draft-ietf-bfd-optimizing-authentication-04.txt | |||
|---|---|---|---|---|
| Network Working Group M. Jethanandani | Network Working Group M. Jethanandani | |||
| Internet-Draft Cisco Systems | Internet-Draft Cisco Systems | |||
| Intended status: Standards Track A. Mishra | Intended status: Standards Track A. Mishra | |||
| Expires: December 29, 2017 O3b Networks | Expires: May 25, 2018 O3b Networks | |||
| A. Saxena | A. Saxena | |||
| Ciena Corporation | Ciena Corporation | |||
| M. Bhatia | M. Bhatia | |||
| Ionos Networks | Ionos Networks | |||
| June 27, 2017 | November 21, 2017 | |||
| Optimizing BFD Authentication | Optimizing BFD Authentication | |||
| draft-ietf-bfd-optimizing-authentication-03 | draft-ietf-bfd-optimizing-authentication-04 | |||
| Abstract | Abstract | |||
| This document describes an optimization to BFD Authentication as | This document describes an optimization to BFD Authentication as | |||
| described in Section 6.7 of BFD [RFC5880]. | described in Section 6.7 of BFD [RFC5880]. | |||
| Requirements Language | Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in RFC 2119 [RFC2119]. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 29, 2017. | This Internet-Draft will expire on May 25, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| skipping to change at page 6, line 18 ¶ | skipping to change at page 6, line 18 ¶ | |||
| secure-sequence-numbers-00 (work in progress), May 2017. | secure-sequence-numbers-00 (work in progress), May 2017. | |||
| [I-D.ietf-bfd-stability] | [I-D.ietf-bfd-stability] | |||
| Mishra, A., Jethanandani, M., Saxena, A., Networks, J., | Mishra, A., Jethanandani, M., Saxena, A., Networks, J., | |||
| Chen, M., and P. Fan, "BFD Stability", draft-ietf-bfd- | Chen, M., and P. Fan, "BFD Stability", draft-ietf-bfd- | |||
| stability-00 (work in progress), May 2017. | stability-00 (work in progress), May 2017. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC6039] Manral, V., Bhatia, M., Jaeggli, J., and R. White, "Issues | [RFC6039] Manral, V., Bhatia, M., Jaeggli, J., and R. White, "Issues | |||
| with Existing Cryptographic Protection Methods for Routing | with Existing Cryptographic Protection Methods for Routing | |||
| Protocols", RFC 6039, DOI 10.17487/RFC6039, October 2010, | Protocols", RFC 6039, DOI 10.17487/RFC6039, October 2010, | |||
| <http://www.rfc-editor.org/info/rfc6039>. | <https://www.rfc-editor.org/info/rfc6039>. | |||
| [RFC6151] Turner, S. and L. Chen, "Updated Security Considerations | [RFC6151] Turner, S. and L. Chen, "Updated Security Considerations | |||
| for the MD5 Message-Digest and the HMAC-MD5 Algorithms", | for the MD5 Message-Digest and the HMAC-MD5 Algorithms", | |||
| RFC 6151, DOI 10.17487/RFC6151, March 2011, | RFC 6151, DOI 10.17487/RFC6151, March 2011, | |||
| <http://www.rfc-editor.org/info/rfc6151>. | <https://www.rfc-editor.org/info/rfc6151>. | |||
| [RFC6194] Polk, T., Chen, L., Turner, S., and P. Hoffman, "Security | [RFC6194] Polk, T., Chen, L., Turner, S., and P. Hoffman, "Security | |||
| Considerations for the SHA-0 and SHA-1 Message-Digest | Considerations for the SHA-0 and SHA-1 Message-Digest | |||
| Algorithms", RFC 6194, DOI 10.17487/RFC6194, March 2011, | Algorithms", RFC 6194, DOI 10.17487/RFC6194, March 2011, | |||
| <http://www.rfc-editor.org/info/rfc6194>. | <https://www.rfc-editor.org/info/rfc6194>. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [Dobb96a] Dobbertin, H., "Cryptanalysis of MD5 Compress", May 1996. | [Dobb96a] Dobbertin, H., "Cryptanalysis of MD5 Compress", May 1996. | |||
| [Dobb96b] Dobbertin, H., "The Status of MD5 After a Recent Attack", | [Dobb96b] Dobbertin, H., "The Status of MD5 After a Recent Attack", | |||
| CryptoBytes", 1996. | CryptoBytes", 1996. | |||
| [I-D.ietf-karp-design-guide] | [I-D.ietf-karp-design-guide] | |||
| Lebovitz, G. and M. Bhatia, "Keying and Authentication for | Lebovitz, G. and M. Bhatia, "Keying and Authentication for | |||
| skipping to change at page 7, line 12 ¶ | skipping to change at page 7, line 12 ¶ | |||
| Hash Functions MD4, MD5, HAVAL-128 and RIPEMD", August | Hash Functions MD4, MD5, HAVAL-128 and RIPEMD", August | |||
| 2004. | 2004. | |||
| [NIST-HMAC-SHA] | [NIST-HMAC-SHA] | |||
| National Institute of Standards and Technology, Available | National Institute of Standards and Technology, Available | |||
| online at http://csrc.nist.gov/groups/ST/hash/policy.html, | online at http://csrc.nist.gov/groups/ST/hash/policy.html, | |||
| "NIST's Policy on Hash Functions", 2006. | "NIST's Policy on Hash Functions", 2006. | |||
| [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, | [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, | |||
| DOI 10.17487/RFC1321, April 1992, | DOI 10.17487/RFC1321, April 1992, | |||
| <http://www.rfc-editor.org/info/rfc1321>. | <https://www.rfc-editor.org/info/rfc1321>. | |||
| [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | |||
| Hashing for Message Authentication", RFC 2104, | Hashing for Message Authentication", RFC 2104, | |||
| DOI 10.17487/RFC2104, February 1997, | DOI 10.17487/RFC2104, February 1997, | |||
| <http://www.rfc-editor.org/info/rfc2104>. | <https://www.rfc-editor.org/info/rfc2104>. | |||
| [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, | [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, | |||
| "Randomness Requirements for Security", BCP 106, RFC 4086, | "Randomness Requirements for Security", BCP 106, RFC 4086, | |||
| DOI 10.17487/RFC4086, June 2005, | DOI 10.17487/RFC4086, June 2005, | |||
| <http://www.rfc-editor.org/info/rfc4086>. | <https://www.rfc-editor.org/info/rfc4086>. | |||
| [RFC4822] Atkinson, R. and M. Fanto, "RIPv2 Cryptographic | [RFC4822] Atkinson, R. and M. Fanto, "RIPv2 Cryptographic | |||
| Authentication", RFC 4822, DOI 10.17487/RFC4822, February | Authentication", RFC 4822, DOI 10.17487/RFC4822, February | |||
| 2007, <http://www.rfc-editor.org/info/rfc4822>. | 2007, <https://www.rfc-editor.org/info/rfc4822>. | |||
| [RFC5310] Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R., | [RFC5310] Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R., | |||
| and M. Fanto, "IS-IS Generic Cryptographic | and M. Fanto, "IS-IS Generic Cryptographic | |||
| Authentication", RFC 5310, DOI 10.17487/RFC5310, February | Authentication", RFC 5310, DOI 10.17487/RFC5310, February | |||
| 2009, <http://www.rfc-editor.org/info/rfc5310>. | 2009, <https://www.rfc-editor.org/info/rfc5310>. | |||
| [RFC5709] Bhatia, M., Manral, V., Fanto, M., White, R., Barnes, M., | [RFC5709] Bhatia, M., Manral, V., Fanto, M., White, R., Barnes, M., | |||
| Li, T., and R. Atkinson, "OSPFv2 HMAC-SHA Cryptographic | Li, T., and R. Atkinson, "OSPFv2 HMAC-SHA Cryptographic | |||
| Authentication", RFC 5709, DOI 10.17487/RFC5709, October | Authentication", RFC 5709, DOI 10.17487/RFC5709, October | |||
| 2009, <http://www.rfc-editor.org/info/rfc5709>. | 2009, <https://www.rfc-editor.org/info/rfc5709>. | |||
| [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | |||
| (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, | (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, | |||
| <http://www.rfc-editor.org/info/rfc5880>. | <https://www.rfc-editor.org/info/rfc5880>. | |||
| [RFC6234] Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms | [RFC6234] Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms | |||
| (SHA and SHA-based HMAC and HKDF)", RFC 6234, | (SHA and SHA-based HMAC and HKDF)", RFC 6234, | |||
| DOI 10.17487/RFC6234, May 2011, | DOI 10.17487/RFC6234, May 2011, | |||
| <http://www.rfc-editor.org/info/rfc6234>. | <https://www.rfc-editor.org/info/rfc6234>. | |||
| [SHA-1-attack1] | [SHA-1-attack1] | |||
| Wang, X., Yin, Y., and H. Yu, "Finding Collisions in the | Wang, X., Yin, Y., and H. Yu, "Finding Collisions in the | |||
| Full SHA-1", 2005. | Full SHA-1", 2005. | |||
| [SHA-1-attack2] | [SHA-1-attack2] | |||
| Wang, X., Yao, A., and F. Yao, "New Collision Search for | Wang, X., Yao, A., and F. Yao, "New Collision Search for | |||
| SHA-1", 2005. | SHA-1", 2005. | |||
| Authors' Addresses | Authors' Addresses | |||
| End of changes. 18 change blocks. | ||||
| 18 lines changed or deleted | 18 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||