Key Change Strategies for TCP-MD5
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com> Subject: Document Action: 'Key Change Strategies for TCP-MD5' to Informational RFC The IESG has approved the following document: - 'Key Change Strategies for TCP-MD5 ' <draft-bellovin-keyroll2385-05.txt> as an Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-bellovin-keyroll2385-05.txt
Technical Summary The TCP-MD5 option is most commonly used to secure BGP sessions between routers. However, changing the long-term key is difficult, since the change needs to be synchronized between different organizations. This document describes single-ended strategies that will permit (mostly) unsynchronized key changes. Working Group Summary This is an individual effort. It is not affiliated with any IETF Working Group. Protocol Quality This document was reviewed by Russ Housley for the IESG.