IS-IS Generic Cryptographic Authentication
RFC 5310
Document history
Date | Rev. | By | Action |
---|---|---|---|
2020-07-29
|
07 | (System) | Received changes through RFC Editor sync (removed Errata tag (all errata rejected)) |
2018-12-20
|
07 | (System) | Received changes through RFC Editor sync (changed abstract to 'This document proposes an extension to Intermediate System to Intermediate System (IS-IS) to allow the use of any cryptographic authentication algorithm in addition to the already-documented authentication schemes, described in the base specification and RFC 5304. IS-IS is specified in International Standards Organization (ISO) 10589, with extensions to support Internet Protocol version 4 (IPv4) described in RFC 1195. Although this document has been written specifically for using the Hashed Message Authentication Code (HMAC) construct along with the Secure Hash Algorithm (SHA) family of cryptographic hash functions, the method described in this document is generic and can be used to extend IS-IS to support any cryptographic hash function in the future. [STANDARDS-TRACK]') |
2017-05-16
|
07 | (System) | Changed document authors from "Manav Bhatia" to "Manav Bhatia, Randall Atkinson, Tony Li, M Fanto, Vishwas Manral, Russ White" |
2015-10-14
|
07 | (System) | Notify list changed from isis-chairs@ietf.org, draft-ietf-isis-hmac-sha@ietf.org to (None) |
2009-02-11
|
07 | Amy Vezza | State Changes to RFC Published from RFC Ed Queue by Amy Vezza |
2009-02-11
|
07 | Amy Vezza | [Note]: 'RFC 5310' added by Amy Vezza |
2009-02-09
|
07 | (System) | RFC published |
2008-12-19
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2008-12-19
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2008-12-19
|
07 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2008-12-19
|
07 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2008-12-16
|
07 | (System) | IANA Action state changed to In Progress |
2008-12-15
|
07 | Cindy Morgan | State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
2008-12-15
|
07 | Cindy Morgan | IESG state changed to Approved-announcement sent |
2008-12-15
|
07 | Cindy Morgan | IESG has approved the document |
2008-12-15
|
07 | Cindy Morgan | Closed "Approve" ballot |
2008-12-13
|
07 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Carl Wallace. |
2008-12-12
|
07 | (System) | Removed from agenda for telechat - 2008-12-11 |
2008-12-11
|
07 | Cindy Morgan | State Changes to Approved-announcement to be sent from IESG Evaluation by Cindy Morgan |
2008-12-11
|
07 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
2008-12-11
|
07 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
2008-12-11
|
07 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded by Jon Peterson |
2008-12-11
|
07 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2008-12-11
|
07 | Chris Newman | [Ballot Position Update] New position, No Objection, has been recorded by Chris Newman |
2008-12-10
|
07 | Jari Arkko | [Ballot comment] Figure 1:

     0                   1
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Type 10      |   Length      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Auth Type    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Key ID                |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                               |
    +                               +
    | Authentication Data (Variable)|
    +                               +
    |                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

I found the formatting confusing. Does the missing fourth octet mean that it is (a) reserved or (b) omitted and Auth Type and Key ID are actually consecutive fields? Please clarify. |
2008-12-10
|
07 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
2008-12-10
|
07 | David Ward | [Ballot Position Update] Position for David Ward has been changed to Recuse from Yes by David Ward |
2008-12-10
|
07 | David Ward | [Ballot Position Update] New position, Yes, has been recorded by David Ward |
2008-12-10
|
07 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2008-12-10
|
07 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2008-12-10
|
07 | Lars Eggert | [Ballot comment] Section 4., paragraph 7: > [RFC4086] contains helpful information on both key > generation techniques and cryptographic randomness. … |
2008-12-10
|
07 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
2008-12-09
|
07 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded by Tim Polk |
2008-12-09
|
07 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
2008-12-09
|
07 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
2008-11-25
|
07 | Ross Callon | Placed on agenda for telechat - 2008-12-11 by Ross Callon |
2008-11-25
|
07 | Ross Callon | State Changes to IESG Evaluation from Waiting for Writeup::AD Followup by Ross Callon |
2008-11-25
|
07 | Ross Callon | [Ballot Position Update] New position, Yes, has been recorded for Ross Callon |
2008-11-25
|
07 | Ross Callon | Ballot has been issued by Ross Callon |
2008-11-25
|
07 | Ross Callon | Created "Approve" ballot |
2008-11-18
|
07 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2008-11-18
|
07 | (System) | New version available: draft-ietf-isis-hmac-sha-07.txt |
2008-11-04
|
07 | Ross Callon | State Changes to Waiting for Writeup::Revised ID Needed from Waiting for AD Go-Ahead by Ross Callon |
2008-11-04
|
07 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2008-10-31
|
07 | Amanda Baber | IANA Last Call comments: Upon approval of this document, the IANA will add the following to the "IS-IS Authentication Type Codes for TLV 10" registry at http://www.iana.org/assignments/isis-tlv-codepoints

Reference: [RFC-isis-hmac-sha-05]
Registration Procedures: Expert Review
Initial contents of this sub-registry will be:

    Value  Authentication Type Code      Reference
    -----  ---------------------------   ---------
    3      Cryptographic Authentication  [RFC-isis-hmac-sha-05]

We understand the above to be the only IANA Action for this document. |
2008-10-30
|
06 | (System) | New version available: draft-ietf-isis-hmac-sha-06.txt |
2008-10-23
|
07 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Carl Wallace |
2008-10-23
|
07 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Carl Wallace |
2008-10-21
|
07 | Amy Vezza | Last call sent |
2008-10-21
|
07 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2008-10-21
|
07 | Ross Callon | Last Call was requested by Ross Callon |
2008-10-21
|
07 | (System) | Ballot writeup text was added |
2008-10-21
|
07 | (System) | Last call text was added |
2008-10-21
|
07 | (System) | Ballot approval text was added |
2008-10-21
|
07 | Ross Callon | State Changes to Last Call Requested from Publication Requested by Ross Callon |
2008-10-21
|
05 | (System) | New version available: draft-ietf-isis-hmac-sha-05.txt |
2008-07-29
|
07 | Ross Callon | PROTO Questionnaire and Write-up for: draft-ietf-isis-hmac-sha-04.txt

Shepherding WG-Chair: Chris Hopps (chopps@rawdofmt.org)

Questionnaire

Q1) Have the chairs personally reviewed this version of the Internet Draft (ID), and in particular, do they believe this ID is ready to forward to the IESG for publication?
A1) Yes.

Q2) Has the document had adequate review from both key WG members and key non-WG members? Do you have any concerns about the depth or breadth of the reviews that have been performed?
A2) Adequately reviewed.

Q3) Do you have concerns that the document needs more review from a particular (broader) perspective (e.g., security, operational complexity, someone familiar with AAA, etc.)?
A3) No concerns.

Q4) Do you have any specific concerns/issues with this document that you believe the ADs and/or IESG should be aware of? For example, perhaps you are uncomfortable with certain parts of the document, or have concerns whether there really is a need for it. In any event, if your issues have been discussed in the WG and the WG has indicated that it still wishes to advance the document, detail those concerns in the write-up.
A4) No concerns.

5) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it?
A5) Strong Consensus.

6) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email to the Responsible Area Director.
A6) No.

7) Have the chairs verified that the document adheres to all of the ID Checklist items?
A7) Yes.

8) Is the document split into normative and informative references? Are there normative references to IDs, where the IDs are not also ready for advancement or are otherwise in an unclear state? (note here that the RFC editor will not publish an RFC with normative references to IDs, it will delay publication until all such IDs are also ready for publication as RFCs.)
A8) The normative reference to RFC3567 is to an informational RFC. The standards track replacement is currently awaiting RFC number assignment and it should replace this reference.

9) What is the intended status of the document? (e.g., Proposed Standard, Informational?)
A9) Proposed Standard.

*** Write-up

** Technical Summary
This document updates the cryptographic security mechanism currently deployed for IS-IS. Two key improvements are realized with the new document. The first is the specification of stronger hash algorithms (SHA-X) to replace the less strong MD5 algorithm used in the previous specification. The second improvement is to establish the use of key IDs to allow for better specification of security associations. This allows for more efficient key replacement in an operating network.

** Working Group Summary
The consensus was moderately strong for this specification. The specification updates an older security mechanism that various consumers have deemed insecure (MD5) and thus cannot be used. The need for the new scheme was accepted in the end with no controversy. During development 2 conflicting but very similar drafts were merged with both sets of authors now present on the current document.

** Protocol Quality
There are currently no implementations of this specification. As noted in the "Working Group Summary" there is a need in the community to replace the current cryptographic method used in IS-IS, with one that allows for more secure hashing algorithms. At least one author of the document is considered to be a security expert so the security review is considered strong. |
2008-04-10
|
07 | Ross Callon | Intended Status has been changed to Proposed Standard from None |
2008-02-08
|
07 | Ross Callon | Draft Added by Ross Callon in state Publication Requested |
2007-11-07
|
04 | (System) | New version available: draft-ietf-isis-hmac-sha-04.txt |
2007-05-01
|
03 | (System) | New version available: draft-ietf-isis-hmac-sha-03.txt |
2007-04-10
|
02 | (System) | New version available: draft-ietf-isis-hmac-sha-02.txt |
2007-02-26
|
01 | (System) | New version available: draft-ietf-isis-hmac-sha-01.txt |
2006-07-17
|
00 | (System) | New version available: draft-ietf-isis-hmac-sha-00.txt |