datatracker.ietf.org
Sign in
Version 5.13.0, 2015-03-25
Report a bug

Negotiation for Keying Pairwise Routing Protocols in IKEv2
draft-mahesh-karp-rkmp-05

Document type: Expired Internet-Draft (individual)
Document stream: No stream defined
Last updated: 2014-05-19 (latest revision 2013-11-15)
Intended RFC status: Unknown
Other versions: (expired, archived): plain text, pdf, html

Stream State:No stream defined
Document shepherd: No shepherd assigned

IESG State: Expired
Responsible AD: (None)
Send notices to: No addresses provided

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found here:
http://www.ietf.org/archive/id/draft-mahesh-karp-rkmp-05.txt

Abstract

This document describes a mechanism to secure the routing protocols which use unicast to transport their signaling messages. Most of such routing protocols are TCP-based (e.g., BGP and LDP), and the TCP Authentication Option (TCP-AO) is primarily employed for securing the signaling messages of these routing protocols. There are also two exceptions: BFD which is over UDP or MPLS, and RSVP-TE which is over IP (but employs an integrated approach to protecting the signaling messages instead of using IPsec). The proposed mechanism secures pairwise TCP-based Routing Protocol (RP) associations, BFD associations and RSVP-TE associations using the IKEv2 Key Management Protocol (KMP) integrated with TCP-AO, BFD, and RSVP-TE respectively. Included are extensions to IKEv2 and its Security Associations to enable its key negotiation to support TCP-AO, BFD, and RSVP-TE.

Authors

Mahesh Jethanandani <mjethanandani@gmail.com>
Brian Weis <bew@cisco.com>
Keyur Patel <keyupate@cisco.com>
Dacheng Zhang <zhangdacheng@huawei.com>
Sam Hartman <hartmans@painless-security.com>
Uma Chunduri <uma.chunduri@ericsson.com>
Albert Tian <albert.tian@ericsson.com>
Joseph Touch <touch@isi.edu>

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)