KARP KMP: Simplified Peer Authentication

Document Type Expired Internet-Draft (individual)
Last updated 2014-11-28 (latest revision 2014-05-27)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html
Stream Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes the usage of Router Fingerprint Authentication (RFA) with public keys as a potential peer authentication method with KARP pair wise and group Key Management Protocols (KMPs). The advantage of RFA is, it neither requires out- of-band, mutually agreeable symmetric keys nor a full PKI based system (trust anchor or CA certificates) for mutual authentication of peers with KARP KMP deployments. Usage of Router Fingerprints give a significant operational improvement from symmetric key based systems and yet provide a secure authentication technique.


Uma Chunduri (uma.chunduri@ericsson.com)
Albert Tian (albert.tian@ericsson.com)
Ari Keranen (ari.keranen@ericsson.com)
Tero Kivinen (kivinen@iki.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)