I-D ACTION:draft-ietf-tcpm-tcp-auth-opt-08.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.

	Title		: The TCP Authentication Option
	Author(s)	: J. Touch, A. Mankin, R. Bonica
	Filename	: draft-ietf-tcpm-tcp-auth-opt-08.txt
	Pages		: 45
	Date		: 2009-10-28
	
This document specifies the TCP Authentication Option (TCP-AO), which
   obsoletes the TCP MD5 Signature option of RFC-2385 (TCP MD5). TCP-AO
   specifies the use of stronger Message Authentication Codes (MACs),
   protects against replays even for long-lived TCP connections, and
   provides more details on the association of security with TCP
   connections than TCP MD5. TCP-AO is compatible with either static
   master key tuple (MKT) configuration or an external, out-of-band MKT
   management mechanism; in either case, TCP-AO also protects
   connections when using the same MKT across repeated instances of a
   connection, using traffic keys derived from the MKT, and coordinates
   MKT changes between endpoints. The result is intended to support
   current infrastructure uses of TCP MD5, such as to protect long-lived
   connections (as used, e.g., in BGP and LDP), and to support a larger
   set of MACs with minimal other system and operational changes. TCP-AO
   uses its own option identifier, even though used mutually exclusive
   of TCP MD5 on a given TCP connection. TCP-AO supports IPv6, and is
   fully compatible with the proposed requirements for the replacement
   of TCP MD5.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-08.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-08.txt>
_______________________________________________

I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux