I-D Action:draft-ietf-tcpm-tcp-auth-opt-03.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.


	Title           : The TCP Authentication Option
	Author(s)       : J. Touch, et al.
	Filename        : draft-ietf-tcpm-tcp-auth-opt-03.txt
	Pages           : 40
	Date            : 2009-02-16

This document specifies the TCP Authentication Option (TCP-AO), which 
obsoletes the TCP MD5 Signature option of RFC-2385 (TCP MD5). TCP-AO 
specifies the use of stronger Message Authentication Codes (MACs), 
protects against replays even for long-lived TCP connections, and 
provides more details on the association of security with TCP 
connections than TCP MD5. TCP-AO is compatible with either static 
master key configuration or an external, out-of-band master key 
management mechanism; in either case, TCP-AO also protects 
connections when using the same master key across repeated instances 
of a connection, using connection keys derived from the master key. 
The result is intended to support current infrastructure uses of TCP 
MD5, such as to protect long-lived connections (as used, e.g., in BGP 
and LDP), and to support a larger set of MACs with minimal other 
system and operational changes. TCP-AO uses its own option 
identifier, even though used mutually exclusive of TCP MD5 on a given 
TCP connection. TCP-AO supports IPv6, and is fully compatible with 
the requirements for the replacement of TCP MD5.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-03.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-03.txt>
_______________________________________________

I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux