Applicability of Keying Methods for RSVP Security
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: RFC Editor <firstname.lastname@example.org>
Subject: Document Action: 'Applicability of Keying Methods for RSVP Security' to Informational RFC (draft-ietf-tsvwg-rsvp-security-groupkeying-11.txt)

The IESG has approved the following document:
- 'Applicability of Keying Methods for RSVP Security'
  (draft-ietf-tsvwg-rsvp-security-groupkeying-11.txt) as an Informational RFC

This document is the product of the Transport Area Working Group.

The IESG contact persons are David Harrington and Wesley Eddy.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tsvwg-rsvp-security-groupkeying/

Technical Summary

The Resource reSerVation Protocol [RFC2205] allows hop-by-hop authentication of RSVP neighbors, as specified in [RFC2747]. In this mode, an integrity object is attached to each RSVP message to transmit a keyed message digest. This message digest allows the recipient to verify the identity of the RSVP node that sent the message, and to validate the integrity of the message. Through the inclusion of a sequence number in the scope of the digest, the digest also offers replay protection.

This document discusses a variety of keying methods and their applicability to different RSVP deployment environments, for both message integrity and encryption. It is meant as a comparative guide to understand where each RSVP keying method is best deployed, and the limitations of each method. Furthermore, it discusses how RSVP hop by hop authentication is impacted in the presence of non-RSVP nodes, or subverted nodes, in the reservation path.

The document "RSVP Security Properties" ([RFC4230]) provides an overview of RSVP security, including RSVP Cryptographic Authentication [RFC2747], but does not discuss key management. It states that "RFC 2205 assumes that security associations are already available". The present document focuses specifically on key management with different key types, including group keys. Therefore this document complements [RFC4230].

Working Group Summary

Understanding that 'strong' consensus is nearly impossible in an open area WG such as TSVWG, with 5-6 sub-groups within this WG divided along technology focuses -- there is unwavering consensus in the WG amongst interested parties to publish this document. It has been reviewed by several people in the WG last call. Comments raised have been addressed, including those from the Sec-dir.

A question was raised by the AD about the wording in the IPR declaration (does the non-assert include Informational documents?) The WG discussed this IPR declaration and have no objection to publishing.

Document Quality

Key members of the WG have reviewed this document. This was reviewed by the RSVP Directorate. Stephen Kent provided a detailed secdir review.

Personnel

Document Shepherd: James Polk.
Responsible Area Director: David Harrington.

There are no IANA registrations specified by this document.
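
The keyed digest and sequence-number check described in the Technical Summary, shown as an added example that is not part of the IESG announcement or the draft. It is a simplified model: the message layout (8-byte sequence number, payload, trailing digest), the use of HMAC-SHA-256, and all names, keys and payloads are assumptions made for illustration, not the RFC 2747 wire format.

```python
import hashlib
import hmac
import struct

DIGEST = hashlib.sha256  # assumed algorithm; the page does not name one


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: the digest covers the sequence number and the payload."""
    body = struct.pack("!Q", seq) + payload
    return body + hmac.new(key, body, DIGEST).digest()


class Receiver:
    """Per-neighbor state: the shared key and the highest sequence number accepted."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, message: bytes) -> str:
        n = DIGEST().digest_size
        if len(message) < 8 + n:
            return "malformed"
        body, tag = message[:-n], message[-n:]
        expected = hmac.new(self.key, body, DIGEST).digest()
        # Verify the digest first, so an unauthenticated message can never
        # advance the replay state.
        if not hmac.compare_digest(tag, expected):
            return "bad-digest"
        (seq,) = struct.unpack("!Q", body[:8])
        if seq <= self.last_seq:
            return "replay"
        self.last_seq = seq
        return "ok"


def demo() -> list:
    key = b"constructed-neighbor-key"          # constructed sample key
    rx = Receiver(key)
    m1 = protect(key, 1, b"PATH session=A")    # constructed sample payloads
    m2 = protect(key, 2, b"RESV session=A")
    tampered = m2[:8] + b"RESV session=B" + m2[-32:]  # payload altered in transit
    renumbered = struct.pack("!Q", 3) + m1[8:]         # old message, new sequence number
    wrong_key = protect(b"some-other-key", 4, b"PATH session=A")
    return [rx.accept(m) for m in (m1, tampered, m2, m1, renumbered, wrong_key)]


if __name__ == "__main__":
    print(demo())
```

The renumbered copy of an old message fails the digest check instead of passing as fresh, which is why the sequence number has to sit inside the scope of the digest.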