Supporting Authentication Trailer for OSPFv3
RFC 6506

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    ospf mailing list <>,
    ospf chair <>
Subject: Protocol Action: 'Supporting Authentication Trailer for OSPFv3' to Proposed Standard (draft-ietf-ospf-auth-trailer-ospfv3-11.txt)

The IESG has approved the following document:
- 'Supporting Authentication Trailer for OSPFv3'
  (draft-ietf-ospf-auth-trailer-ospfv3-11.txt) as a Proposed Standard

This document is the product of the Open Shortest Path First IGP Working

The IESG contact persons are Stewart Bryant and Adrian Farrel.

A URL of this Internet Draft is:

Technical Summary

   Currently OSPFv3 uses IPsec as the only mechanism for authenticating
   protocol packets.  This behavior is different from authentication
   mechanisms present in other routing protocols (OSPFv2, IS-IS, RIPng).
   In some environments, it has been found that IPsec is difficult to
   configure and maintain, and cannot be used.  This document proposes
   an alternative mechanism to authenticate OSPFv3 protocol packets so
   that OSPFv3 does not depend upon only IPsec for authentication.

Working Group Summary

    There was discussion about the size of Crypto Sequence Number. 
    After much debate it was agreed to increase it from 32 bit to 64 bit.   

Document Quality

    This extension is similar to OSPFv2 Cryptographic Authentication
    where a message digest is appended to the end of the OSPF packet.
    There is no known implementation at this time. 


Abhay Roy ( is the Document Shepherd for this document.
Stewart Bryant ( Responsible Area Director.

RFC Editor Note


s/This document proposes a new mechanism/This document defines a new mechanism/

- end of section 3 is missing a full stop.

Section 4.3
s/> the secret key/the secret key/