List,
the next (04) revision of the Babel authentication I-D is available at:
http://tools.ietf.org/html/draft-ovsienko-babel-hmac-authentication-04
Technical improvements are as follows.
* The previous revisions missed the case of IPv4 exchange of Babel datagrams,
which is valid according to RFC6126 even if not currently implemented.
* The two mandatory-to-implement hash algorithms are now RIPEMD-160 and SHA-1
(they were SHA-512 and Whirlpool). The thinking behind this is based on
HMAC-specific considerations (see Section 2.1), protocol encoding footprint and
processing throughput.
* Any TS/PC TLVs in a packet besides the 1st are now considered a violation.
* The TS/PC and HMAC TLVs don't have to be the last in the sequence, although
that is the recommended implementation approach (now with a diagram and an
explanatory note).
To my best understanding, the current code base of Quagga-RE babeld complies
with the new revision.
Thank you.
--
Denis Ovsienko
_______________________________________________
Babel-users mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/babel-users
