Technical Summary
This document proposes an extension to Intermediate System to
Intermediate System (IS-IS) to allow the use of any cryptographic
authentication algorithm in addition to the already documented
authentication schemes, described in the base specification and RFC
5304.
Although this document has been written specifically for using the
Hashed Message Authentication Code (HMAC) construct along with the
Secure Hash Algorithm (SHA) family of cryptographic hash functions,
the method described in this document is generic and can be used to
extend IS-IS to support any cryptographic hash function in the
future.
Working Group Summary
Moderately strong consensus reported (see PROTO writeup by
Chris Hopps in the ID tracker).
Document Quality
No current implementations as far as we know. There is a need to
replace the current cryptographic method used in IS-IS (MD5),
with one that allows for more secure hashing algorithms. The
document has been updated in response to last call comments from
Alfred Hines.
Personnel
Chris Hopps is the document shepherd for this document. Ross
Callon is the Responsible Area Director.
RFC Editor Note
Please add RFC4086 to the Informative References (section 7.2).
(note that there is a reference to rfc4086 in section 4).