Upload
griffin-lewis
View
218
Download
2
Embed Size (px)
Citation preview
OSPF WG – IETF 68 - Prague
OSPF WG Document
Candidates
Acee Lindem/Redback Networks
OSPF WG – IETF 68 - Prague
Stronger Non-IPSec OSPFv2 Security draft-bhatia-manral-crypto-req-ospf-01.txt draft-bhatia-manral-white-ospf-hmac-sha-03.txt Presented in San Diego Support on OSPF WG List Impetus for non-IPSec Solution
Limitations in OSPFv3 IPSec with respect to replay protection
Simplicity and Affinity with existing OSPFv2 MD5 authentication
Allows stronger authentication without IPSec (not available on all platforms, offerings, etc).
Recommend Adoption as OSPF WG Document
OSPF WG – IETF 68 - Prague
OSPFv2 IPSec Security draft-gupta-ospf-ospfv2-sec-00.txt Not presented yet Impetus for OSPFv2 IPSec Solution
Affinity with OSPFv3 work on IPSec Alignment with IETF Security Direction Hopefully, easier migration to new algorithms, etc.
Recommend Review and Consideration - Will get it presented in Chicago (either by an author or myself)
OSPF WG – IETF 68 - Prague
Update to OSPF Graceful Restart draft-holla-ospf-update-graceful-restart-02.txt Presented in Montreal Two changes
Helper criteria for termination changed Explicit signaling for GR helper termination
Explicit signaling for GR helper has had some support (but primarily from a single enterprise)
There are situations where notification can be expedited.
Recommend making a decision Don’t like helper termination criteria since better
solutions have be proposed but no requirement
OSPF WG – IETF 68 - Prague
Extensions to OSPFv2 for Advertising Optional Route/Link Attributes draft-mirtorabi-ospf-tag-02.txt Provides a mechanism for advertising additional
attributes for OSPFv2 prefixes and links (e.g., Tag)
Requirement – As author, you know I believe there is a requirement
Can’t think of better way to do it. Interest in Implementation?