Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, opsec mailing list <email@example.com>, opsec chair <firstname.lastname@example.org> Subject: Document Action: 'Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols' to Informational RFC The IESG has approved the following document: - 'Summary of Cryptographic Authentication Algorithm Implementation Requirements for Routing Protocols' <draft-ietf-opsec-igp-crypto-requirements-04.txt> as an Informational RFC This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group. The IESG contact persons are Ron Bonica and Dan Romascanu. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-opsec-igp-crypto-requirements/
Summary: The routing protocols Open Shortest Path First version 2 (OSPFv2) [RFC2328], Intermediate System to Intermediate System (IS-IS) [ISO] [RFC1195] and Routing Information Protocol (RIP) [RFC2453] currently define Clear Text and MD5 (Message Digest 5) [RFC1321] methods for authenticating protocol packets. Recently effort has been made to add support for the SHA (Secure Hash Algorithm) family of hash functions for the purpose of authenticating routing protocol packets for RIP [RFC4822], IS-IS [RFC5310] and OSPF [RFC5709]. To encourage interoperability between disparate implementations, it is imperative that we specify the expected minimal set of algorithms thereby ensuring that there is at least one algorithm that all implementations will have in common. This document examines the current set of available algorithms with interoperability and effective cryptographic authentication protection being the principle considerations. Cryptographic authentication of these routing protocols requires the availability of the same algorithms in disparate implementations. It is desirable that newly specified algorithms should be implemented and available in routing protocol implementations because they may be promoted to requirements at some future time. Working Group Summary: The document was accepted as a workring group item on the mailing list on 1/24/2010.Working Group last call was performed for two weeks, ending on 5/29/2010. With no objections. Document Quality: The document covers the use of cryptographic protections in five igp protocols while it's is likely that the utility of recommendations made in this document will age or be rendered obsolete at different rates. Recommendations conveyed by the document are both informational in nature and temporally limited.