Technical Summary
The Resource reSerVation Protocol [RFC2205] allows hop-by-hop
authentication of RSVP neighbors, as specified in [RFC2747]. In this
mode, an integrity object is attached to each RSVP message to
transmit a keyed message digest. This message digest allows the
recipient to verify the identity of the RSVP node that sent the
message, and to validate the integrity of the message. Through the
inclusion of a sequence number in the scope of the digest, the digest
also offers replay protection.
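The mechanism summarized above, as an added example that is not taken from the document under review or from RFC 2747. The header layout, the use of HMAC-SHA-256, and the names protect and Neighbor are assumptions of this sketch, not the RFC 2747 wire format. The receiver verifies the digest before it consults or updates the sequence number, so a forged packet cannot advance the replay state.

```python
import hashlib
import hmac
import struct

DIGEST = hashlib.sha256          # assumption for this sketch, not named on the page
HDR = struct.Struct("!IQ")       # assumed layout: 32-bit key id, 64-bit sequence number


def protect(key, key_id, seq, body):
    """Sender side: attach a simplified integrity header to an RSVP message body."""
    header = HDR.pack(key_id, seq)
    # The digest covers the header too, so the sequence number cannot be rewritten.
    tag = hmac.new(key, header + body, DIGEST).digest()
    return header + tag + body


class Neighbor:
    """Receiver-side state for one RSVP neighbor: shared keys and last accepted sequence."""

    def __init__(self, keys):
        self.keys = dict(keys)   # key id -> shared secret
        self.last_seq = {}       # key id -> highest sequence number accepted so far

    def accept(self, packet):
        """Return the message body, or raise ValueError if the packet must be dropped."""
        tag_len = DIGEST().digest_size
        if len(packet) < HDR.size + tag_len:
            raise ValueError("truncated")
        header = packet[:HDR.size]
        tag = packet[HDR.size:HDR.size + tag_len]
        body = packet[HDR.size + tag_len:]
        key_id, seq = HDR.unpack(header)
        key = self.keys.get(key_id)
        if key is None:
            raise ValueError("unknown key id")
        expected = hmac.new(key, header + body, DIGEST).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            raise ValueError("bad digest")
        # Replay check runs only on authenticated packets.
        if seq <= self.last_seq.get(key_id, -1):
            raise ValueError("replayed sequence number")
        self.last_seq[key_id] = seq
        return body
```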
This document discusses a variety of keying methods and their
applicability to different RSVP deployment environments, for both
message integrity and encryption. It is meant as a comparative guide
to understand where each RSVP keying method is best deployed, and the
limitations of each method. Furthermore, it discusses how RSVP
hop-by-hop authentication is impacted in the presence of non-RSVP
nodes, or subverted nodes, in the reservation path.
The document "RSVP Security Properties" ([RFC4230]) provides an
overview of RSVP security, including RSVP Cryptographic
Authentication [RFC2747], but does not discuss key management. It
states that "RFC 2205 assumes that security associations are already
available". The present document focuses specifically on key
management with different key types, including group keys. Therefore
this document complements [RFC4230].
Working Group Summary
Understanding that 'strong' consensus is nearly impossible in an open
area WG such as TSVWG, with 5-6 sub-groups within this WG divided
along technology focuses -- there is unwavering consensus in the WG
amongst interested parties to publish this document. It has been
reviewed by several people in the WG last call. Comments raised have
been addressed, including those from the Sec-dir.
A question was raised by the AD about the wording in the IPR declaration
(does the non-assert include Informational documents?)
The WG discussed this IPR declaration and has no objection to publishing.
Document Quality
Key members of the WG have reviewed this document.
This was reviewed by the RSVP Directorate.
Stephen Kent provided a detailed secdir review.
Personnel
Document Shepherd: James Polk.
Responsible Area Director: David Harrington.
There are no IANA registrations specified by this document.