IS-IS Generic Cryptographic Authentication
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, isis mailing list <email@example.com>, isis chair <firstname.lastname@example.org> Subject: Protocol Action: 'IS-IS Generic Cryptographic Authentication' to Proposed Standard The IESG has approved the following document: - 'IS-IS Generic Cryptographic Authentication ' <draft-ietf-isis-hmac-sha-08.txt> as a Proposed Standard This document is the product of the IS-IS for IP Internets Working Group. The IESG contact persons are Ross Callon and David Ward. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-isis-hmac-sha-08.txt
Technical Summary This document proposes an extension to Intermediate System to Intermediate System (IS-IS) to allow the use of any cryptographic authentication algorithm in addition to the already documented authentication schemes, described in the base specification and RFC 5304. Although this document has been written specifically for using the Hashed Message Authentication Code (HMAC) construct along with the Secure Hash Algorithm (SHA) family of cryptographic hash functions, the method described in this document is generic and can be used to extend IS-IS to support any cryptographic hash function in the future. Working Group Summary Moderately strong consensus reported (see PROTO writeup by Chris Hopps in the ID tracker). Document Quality No current implementations as far as we know. There is a need to replace the current cryptographic method used in IS-IS (MD5), with one that allows for more secure hashing algorithms. The document has been updated in response to last call comments from Alfred Hines. Personnel Chris Hopps is the document shepherd for this document. Ross Callon is the Responsible Area Director. RFC Editor Note Please add RFC4086 to the Informative References (section 7.2). (note that there is a reference to rfc4086 in section 4).