Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols (RFC6094)
Original Publication Date: 2011-Feb-01
Included in the Prior Art Database: 2011-Feb-03
Internet Society Requests For Comment (RFCs)
M. Bhatia: AUTHOR [+2]
Most routing protocols include three different types of authentication schemes: Null authentication, cleartext password, and cryptographic authentication. Null authentication is equivalent to having no authentication scheme at all.
Internet Engineering Task Force (IETF) M. Bhatia Request for Comments: 6094 Alcatel-Lucent Category: Informational V. Manral ISSN: 2070-1721 IP Infusion February 2011
Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols
The routing protocols Open Shortest Path First version 2 (OSPFv2), Intermediate System to Intermediate System (IS-IS), and Routing Information Protocol (RIP) currently define cleartext and MD5 (Message Digest 5) methods for authenticating protocol packets. Recently, effort has been made to add support for the SHA (Secure Hash Algorithm) family of hash functions for the purpose of authenticating routing protocol packets for RIP, IS-IS, and OSPF.
To encourage interoperability between disparate implementations, it is imperative that we specify the expected minimal set of algorithms, thereby ensuring that there is at least one algorithm that all implementations will have in common.
Similarly, RIP for IPv6 (RIPng) and OSPFv3 support IPsec algorithms for authenticating their protocol packets.
This document examines the current set of available algorithms, with interoperability and effective cryptographic authentication protection being the principal considerations. Cryptographic authentication of these routing protocols requires the availability of the same algorithms in disparate implementations. It is desirable that newly specified algorithms should be implemented and available in routing protocol implementations because they may be promoted to requirements at some future time.
Status of This Memo
This document is not an Internet Standards Track specification; it is published for informational purposes.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
Manral Informational [Page 1]
RFC 6094 Crypto Reqs for Routing Protocols February 2011
Information about the current status of this document, any errata, and how to provide feedback on it ma...