Re: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication

[Hannes Gredler <hannes at juniper.net>]

furthermore, it would be also time to think about authentication-type
migration support. i.e. discuss about authentication-type [simple->md5->sha]
and key rollover schemes and nail down the necessary behaviour
(multiple instances of TLV #10).

the prevailing method for both authentication-type and key rollover
(= disabling authentication check during the transition window)
is not really smooth.

/hannes

Tony Li wrote:
> Sofia,
>
> While I know of no substantive risks to the use of MD5 today as used in
> 3567, history suggests that someday, there will be.  Thus, having other
> algorithms available is only prudent and I strongly support that goal.
>
> Regards,
> Tony
>
>
> > -----Original Message-----
> > From: Sofia Ray [mailto:sofia.ray at lycos.com] 
> > Sent: Wednesday, April 19, 2006 11:04 AM
> > To: isis-wg at ietf.org
> > Subject: Re: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
> >
> > Manav,
> >
> > Whats wrong with the authentication scheme detailed in 3567?
> >
> > Yours,
> > Sofia
> >
> > ----- Original Message ----
> > From: Manav Bhatia <manav_bhatia06 at yahoo.co.uk>
> > To: isis-wg at ietf.org
> > Sent: Wednesday, 19 April, 2006 8:30:00 AM
> > Subject: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
> >
> >
> > Hi,
> >
> > We have written a draft on extending ISIS to use HMAC-SHA 
> > authentication. Would appreciate if we can get some feedback 
> > from the WG. The mechanism proposed in the draft is backward 
> > compatible and would work with the existing ISIS implementations.
> >
> > Cheers,
> > Manav
> >
> > ----- Forwarded Message ----
> > From: Internet-Drafts at ietf.org
> > To: i-d-announce at ietf.org
> > Sent: Wednesday, April 19, 2006 4:20:01 AM
> > Subject: I-D ACTION:draft-bhatia-manral-isis-hmac-sha-00.txt
> >
> > A New Internet-Draft is available from the on-line 
> > Internet-Drafts directories.
> >
> >    Title        : IS-IS HMAC SHA Cryptographic Authentication
> >    Author(s)    : M. Bhatia, V. Manral
> >    Filename    : draft-bhatia-manral-isis-hmac-sha-00.txt
> >    Pages        : 8
> >    Date        : 2006-4-18
> >
> > This document proposes an extension to IS-IS [ISO] [RFC1195] 
> > to allow the use of HMAC SHA authentication algorithm in 
> > addition to the already documented authentication schemes 
> > described in the base specification and RFC 3567.
> >
> > A URL for this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-bhatia-manral-isis-h
> > mac-sha-00.txt
> >
> >
> >
> > --
> > _______________________________________________
> >
> > Search for businesses by name, location, or phone number.  
> > -Lycos Yellow Pages
> >
> > http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.c
> > om/default.asp?SRC=lycos10
> >
> >
> > _______________________________________________
> > Isis-wg mailing list
> > Isis-wg at ietf.org
> > https://www1.ietf.org/mailman/listinfo/isis-wg
>
>
>
>
> _______________________________________________
> Isis-wg mailing list
> Isis-wg at ietf.org
> https://www1.ietf.org/mailman/listinfo/isis-wg

_______________________________________________
Isis-wg mailing list
Isis-wg at ietf.org
https://www1.ietf.org/mailman/listinfo/isis-wg