TCP-AO extensions for KARP-KMP
draft-chunduri-tcp-ao-extensions-for-karp-kmp-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Uma Chunduri , Albert Tian | ||
Last updated | 2012-04-26 (Latest revision 2011-10-24) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document discusses the possible extensions for TCP Authentication Option (TCP-AO) to better integrate and maximize the benefits, when deployed with Key Management Protocols (KMPs). TCP-AO as defined in RFC5925 can obtain master key from KMP and uses a Key Derivation Function (KDF) to generate traffic keys to protect the TCP sessions. In this mode, not all the benefits from the KMP can be realized. This document introduces an alternative approach for TCP-AO that allows TCP-AO to realize all the operational and security benefits from the deployed KMP.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)