IGP extension for PCEP security capability support in the PCE discovery
draft-ietf-lsr-pce-discovery-security-support-03
| Document | Type | Expired Internet-Draft (lsr WG) | |
|---|---|---|---|
| Authors | Diego Lopez , Qin Wu , Dhruv Dhody , Zitao Wang , Daniel King | ||
| Last updated | 2020-05-03 (Latest revision 2019-10-31) | ||
| Replaces | draft-wu-lsr-pce-discovery-security-support | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Reviews |
SECDIR Last Call review
(of
-05)
Not Ready
|
||
| Stream | WG state | WG Document | |
| Document shepherd | Acee Lindem | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | Acee Lindem <acee@cisco.com>, pce@ietf.org |
https://www.ietf.org/archive/id/draft-ietf-lsr-pce-discovery-security-support-03.txt
Abstract
When a Path Computation Element (PCE) is a Label Switching Router (LSR) participating in the Interior Gateway Protocol (IGP), or even a server participating in IGP, its presence and path computation capabilities can be advertised using IGP flooding. The IGP extensions for PCE discovery (RFC 5088 and RFC 5089) define a method to advertise path computation capabilities using IGP flooding for OSPF and IS-IS respectively. However these specifications lack a method to advertise PCEP security (e.g., Transport Layer Security(TLS), TCP Authentication Option (TCP-AO)) support capability. This document proposes new capability flag bits for PCE-CAP-FLAGS sub-TLV that can be announced as attribute in the IGP advertisement to distribute PCEP security support information. In addition, this document updates RFC 5088 and RFC 5089 to allow advertisement of Key ID or Key Chain Name Sub-TLV to support TCP AO security capability.
Authors
Diego Lopez
Qin Wu
Dhruv Dhody
Zitao Wang
Daniel King
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)