Authenticating BFD using HMAC-SHA-2 procedures

The information below is for an old version of the document
Document Type Expired Internet-Draft (bfd WG)
Last updated 2014-04-18 (latest revision 2013-10-15)
Stream IETF
Intended RFC status Proposed Standard
Expired & archived
plain text pdf html bibtex
Stream WG state WG Document (wg milestone: Jan 2015 - Submit the cryptogra... )
Document shepherd None
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes the mechanism to authenticate Bidirectional Forwarding Detection (BFD) protocol packets using Hashed Message Authentication Mode (HMAC) with the SHA-256, SHA-384, and SHA-512 algorithms. The described mechanism uses the Generic Cryptographic Authentication and Generic Meticulous Cryptographic Authentication sections to carry the authentication data. This document updates, but does not supercede, the cryptographic authentication mechanism specified in RFC 5880.


Dacheng Zhang (
Manav Bhatia (
Vishwas Manral (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)