RE: secdir review of draft-ietf-opsec-igp-crypto-requirements

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 16 Sep 2010, Bhatia, Manav (Manav) wrote:

In describing each routing protocol's authentication options, it would be helpful to say whether there's any in-band negotiation available.

I am not sure I understand whats being meant by in-band negotiation here?

Many protocols negotiate which crypto algorithm (or even more generic security mechanism) to use. Those negotiations, if done poorly, can be subject to downgrade attacks.

Given how common security negotiation is, it's worthwhile to point out whether or not each of these protocols do it or whether they depend entirely on static configuration of each endpoint.

-- Sam
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]