KARP KMP: Simplified Peer Authentication

Document Type Expired Internet-Draft (individual)
Authors Uma Chunduri  , Albert Tian  , Ari Keränen  , Tero Kivinen 
Last updated 2014-11-28 (latest revision 2014-05-27)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes the usage of Router Fingerprint Authentication (RFA) with public keys as a potential peer authentication method with KARP pair wise and group Key Management Protocols (KMPs). The advantage of RFA is, it neither requires out- of-band, mutually agreeable symmetric keys nor a full PKI based system (trust anchor or CA certificates) for mutual authentication of peers with KARP KMP deployments. Usage of Router Fingerprints give a significant operational improvement from symmetric key based systems and yet provide a secure authentication technique.


Uma Chunduri (uma.chunduri@ericsson.com)
Albert Tian (albert.tian@ericsson.com)
Ari Keränen (ari.keranen@ericsson.com)
Tero Kivinen (kivinen@iki.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)