End to end authentication for LDP
draft-schrijvp-mpls-ldp-end-to-end-auth-03
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Jeremy De Clercq , Oliver Paridaens , Yves T'Joens , Peter De Schrijver | ||
| Last updated | 2001-03-05 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The Label Distribution Protocol (LDP), as currently defined, makes use of the TCP MD5 Signature option to protect (authentication and integrity) the LDP traffic between two adjacent LSRs. This document specifies extensions to LDP to enable end-to-end authentication between non-adjacent LSR's (ie not directly connected via a TCP connection) that are setting up an LSP. Two mechanisms are defined that also provide integrity protection of the information carried within LDP messages and protect against the malicious replay of LDP messages. Both proposed mechanisms require ordered control LDP and can also be applied to CR-LDP.
Authors
Jeremy De Clercq
Oliver Paridaens
Yves T'Joens
Peter De Schrijver
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)