IS-IS for IP Internets (isis)

headers Manav Bhatia | 2 May 2006 02:38

Hi,

We have updated the draft to include HMAC-SHA-384 and HMAC-SHA-512 authentication modes. There were some
other minor comments as well that we had received. Those have been addressed in this version.

http://www.ietf.org/internet-drafts/draft-bhatia-manral-isis-hmac-sha-01.txt

Would appreciate a feedback from the WG.

Cheers,
Manav

----- Original Message ----
From: Vishwas Manral <vishwas <at> ipinfusion.com>
To: isis-wg <at> ietf.org
Sent: Saturday, 22 April, 2006 6:55:51 AM
Subject: RE: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication

Hi Hannes,

I mostly agree with Tony here, except for a very corner case where we can amplify 
a DoS because we have multiple keys to choose between at the receiver during Key
Rollover.

The point that you bring is an intersting point about KeyRollover. A simple 
way to do it is to also have the Key-Id (opaque value) sent by the sender. The 
sender when doing a key rollover will use a different Key ID(which is shared with
the receiver). As the receiver will have the key with the same Key-ID it can use 
that key for calculating the Hash. We will not have to compute the hash with 
multiple keys which are valid in such a case.

Mon	Tue	Wed	Thu	Fri	Sat	Sun

1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

9	June 2013
9	May 2013
18	April 2013
17	March 2013
61	February 2013
2	January 2013
3	December 2012
7	November 2012
16	October 2012
20	September 2012
11	August 2012
5	July 2012
3	June 2012
1	May 2012
7	April 2012
26	March 2012
1	February 2012
3	January 2012
2	November 2011
17	October 2011
8	September 2011
8	August 2011
11	July 2011
7	June 2011
14	May 2011
46	April 2011
16	March 2011
31	February 2011
55	January 2011
38	December 2010
32	November 2010
22	October 2010
137	September 2010
52	August 2010
13	July 2010
24	June 2010
46	May 2010
62	April 2010
48	March 2010
4	February 2010
3	January 2010
7	December 2009
4	November 2009
1	October 2009
11	September 2009
3	August 2009
1	July 2009
3	June 2009
2	May 2009
69	April 2009
27	March 2009
14	February 2009
14	January 2009
2	December 2008
5	November 2008
21	October 2008
5	September 2008
15	August 2008
21	July 2008
14	June 2008
3	May 2008
26	April 2008
22	March 2008
18	February 2008
3	January 2008
4	December 2007
22	November 2007
18	October 2007
8	September 2007
7	August 2007
3	July 2007
20	June 2007
7	May 2007
17	April 2007
22	March 2007
19	February 2007
8	January 2007
12	December 2006
11	November 2006
9	October 2006
3	September 2006
7	August 2006
14	July 2006
16	June 2006
4	May 2006
19	April 2006
11	March 2006
13	February 2006
4	January 2006
34	December 2005
14	November 2005
37	October 2005
27	September 2005
3	August 2005
11	July 2005
14	June 2005
26	May 2005
11	April 2005
34	March 2005
42	February 2005
22	January 2005
17	December 2004
16	November 2004
62	October 2004
16	September 2004
38	August 2004
26	July 2004
48	June 2004
28	May 2004
27	April 2004
7	March 2004
21	February 2004
7	January 2004
4	December 2003
1	November 2003
13	October 2003
6	September 2003
7	August 2003
67	July 2003
98	June 2003
71	May 2003
56	April 2003
12	March 2003
54	February 2003
70	January 2003
7	December 2002
54	November 2002
136	October 2002
128	September 2002
69	August 2002
118	July 2002
75	June 2002
90	May 2002
137	April 2002

Re: IS-IS HMAC SHA Cryptographic Authentication

Re: IS-IS HMAC SHA Cryptographic Authentication

RE: IS-IS HMAC SHA Cryptographic Authentication

I-D ACTION:draft-ietf-isis-ipv6-te-03.txt