Browse Prior Art Database

Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols (RFC6094) Disclosure Number: IPCOM000203821D
Original Publication Date: 2011-Feb-01
Included in the Prior Art Database: 2011-Feb-03
Document File: 22 page(s) / 25K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Bhatia: AUTHOR [+2]


Most routing protocols include three different types of authentication schemes: Null authentication, cleartext password, and cryptographic authentication. Null authentication is equivalent to having no authentication scheme at all.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 11% of the total text.

Internet Engineering Task Force (IETF)                         M. Bhatia Request for Comments: 6094                                Alcatel-Lucent Category: Informational                                        V. Manral ISSN: 2070-1721                                              IP Infusion                                                            February 2011

     Summary of Cryptographic Authentication Algorithm Implementation                    Requirements for Routing Protocols


   The routing protocols Open Shortest Path First version 2 (OSPFv2),    Intermediate System to Intermediate System (IS-IS), and Routing    Information Protocol (RIP) currently define cleartext and MD5    (Message Digest 5) methods for authenticating protocol packets.    Recently, effort has been made to add support for the SHA (Secure    Hash Algorithm) family of hash functions for the purpose of    authenticating routing protocol packets for RIP, IS-IS, and OSPF.

   To encourage interoperability between disparate implementations, it    is imperative that we specify the expected minimal set of algorithms,    thereby ensuring that there is at least one algorithm that all    implementations will have in common.

   Similarly, RIP for IPv6 (RIPng) and OSPFv3 support IPsec algorithms    for authenticating their protocol packets.

   This document examines the current set of available algorithms, with    interoperability and effective cryptographic authentication    protection being the principal considerations.  Cryptographic    authentication of these routing protocols requires the availability    of the same algorithms in disparate implementations.  It is desirable    that newly specified algorithms should be implemented and available    in routing protocol implementations because they may be promoted to    requirements at some future time.

Status of This Memo

   This document is not an Internet Standards Track specification; it is    published for informational purposes.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Not all documents    approved by the IESG are a candidate for any level of Internet    Standard; see Section 2 of RFC 5741.

Bhatia & Manral               Informational                     [Page 1]
 RFC 6094            Crypto Reqs for Routing Protocols      February 2011

    Information about the current status of this document, any errata,    and how to provide feedback on it ma...