A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.
Title : The TCP Authentication Option
Author(s) : J. Touch, et al.
Filename : draft-ietf-tcpm-tcp-auth-opt-01.txt
Pages : 30
Date : 2008-07-14
This document specifies a TCP Authentication Option (TCP-AO) which is
intended to replace the TCP MD5 Signature option of RFC-2385 (TCP
MD5). TCP-AO specifies the use of stronger Message Authentication
Codes (MACs) and provides more details on the association of security
associations with TCP connections. TCP-AO assumes an external, out-
of-band mechanism (manual or via a separate protocol) for session key
establishment, parameter negotiation, and rekeying, replicating the
separation of key management and key use as in the IPsec suite. The
result is intended to be a simple modification to support current
infrastructure uses of TCP MD5, such as to protect BGP and LDP, and
to support a larger set of MACs with minimal other system and
operational changes. TCP-AO uses a new option identifier, even though
it is intended to be mutually exclusive with TCP MD5 on a given TCP
connection. It supports IPv6, and is fully compatible with
requirements under development for an update to TCP MD5.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-01.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-01.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
