Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols
RFC 6094

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>,
    opsec mailing list <opsec@ietf.org>,
    opsec chair <opsec-chairs@tools.ietf.org>
Subject: Document Action: 'Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols' to Informational RFC

The IESG has approved the following document:
- 'Summary of Cryptographic Authentication Algorithm Implementation
   Requirements for Routing Protocols'
  <draft-ietf-opsec-igp-crypto-requirements-04.txt> as an Informational
RFC

This document is the product of the Operational Security Capabilities for
IP Network Infrastructure Working Group.

The IESG contact persons are Ron Bonica and Dan Romascanu.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-opsec-igp-crypto-requirements/

Summary:

The routing protocols Open Shortest Path First version 2 (OSPFv2) 
[RFC2328], Intermediate System to Intermediate System (IS-IS) [ISO] 
[RFC1195] and Routing Information Protocol (RIP) [RFC2453] currently 
define Clear Text and MD5  (Message Digest 5) [RFC1321] methods for 
authenticating protocol packets. Recently effort has been made to add 
support for the SHA (Secure Hash Algorithm) family of hash functions 
for the purpose of authenticating routing protocol packets for RIP 
[RFC4822], IS-IS [RFC5310] and OSPF [RFC5709].

To encourage interoperability between disparate implementations, it is 
imperative that we specify the expected minimal set of algorithms 
thereby ensuring that there is at least one algorithm that all 
implementations will have in common.

This document examines the current set of available algorithms with 
interoperability and effective cryptographic authentication protection 
being the principle considerations. Cryptographic authentication of 
these routing protocols requires the availability of the same 
algorithms in disparate implementations. It is desirable that newly 
specified algorithms should be implemented and available in routing 
protocol implementations because they may be promoted to requirements 
at some future time.

Working Group Summary:

The document was accepted as a workring group item on the mailing list 
on 1/24/2010.Working Group last call was performed for two weeks, 
ending on 5/29/2010. With no objections.

Document Quality:

The document covers  the use of cryptographic protections in five igp 
protocols while it's is likely that the utility of recommendations 
made in this document will age or be rendered obsolete at different 
rates. Recommendations conveyed by the document are both informational 
in nature and temporally limited.