BGP Sessions Protection via MD5 Authentication
draft-chunzhe-idr-protection-md5-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | Hu Chunzhe | ||
| Last updated | 2002-08-27 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This draft describes a BGP Extension to protect the route information on the basis of authentication on the BGP message between BGP speakers,In this mechanism,an addtional Capabilty option(Authentication Code) and random number used for authentication are added to OPEN message,and the Authentication Capability is negotiated between BGP speakers,when they pass the negotiation and setup the Established relationship, all the successive message will be authenticated using MD5 algorithm,with the Marker field in the BGP message substituted with the MD5 digest of the combination including message body.This mechanism can guard against that the BGP message be intercepted and tampered by the attacker.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)