A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Open Shortest Path First IGP Working Group of the IETF.

        Title           : Security Extension for OSPFv2 when using Manual Key Management
        Authors         : Manav Bhatia
                          Sam Hartman
                          Dacheng Zhang
                          Acee Lindem
        Filename        : draft-ietf-ospf-security-extension-manual-keying-10.txt
        Pages           : 13
        Date            : 2014-10-26

Abstract:
   The current OSPFv2 cryptographic authentication mechanism as defined
   in RFC 2328 and RFC 5709 is vulnerable to both inter-session and
   intra-session replay attacks when using manual keying. Additionally,
   the existing cryptographic authentication mechanism does not cover
   the IP header. This omission can be exploited to carry out various
   types of attacks.

   This draft proposes changes to the authentication sequence number
   mechanism that will protect OSPFv2 from both inter-session and
   intra-session replay attacks when using manual keys for securing
   OSPFv2 protocol packets. Additionally, we also describe some changes
   in the cryptographic hash computation that will eliminate attacks
   resulting from OSPFv2 not protecting the IP header.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ospf-security-extension-manual-keying/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-ospf-security-extension-manual-keying-10

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-ospf-security-extension-manual-keying-10

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/