> On Feb 19, 2023, at 2:29 AM, Gun Vinayaka <[email protected]> wrote: > > Thanks Acede for the clarification. > > Please share info if other protocols such as ISIS or BFD have a significant > advantage by having different authentication types for MD5 and HMAC_SHA2.
No - note that they don’t include a key-id in the packet. Thanks, Acee > > Thanks, > Vinayaka G > > On Thu, Feb 16, 2023 at 10:52 PM Acee Lindem <[email protected]> wrote: > Hi Gun, > > RFC 2328 defined type 2 to generically refer to all cryptographic > authentication types. Given that the key-id implies both the specific > authentication algorithm and the key, I don’t see that this is a problem or > that using different OSPF authentication types would have provided any > significant advantage (unless you’re an attacker and MD5 is being used) > > Thanks, > Acede > > > On Feb 16, 2023, at 7:15 AM, Gun Vinayaka <[email protected]> wrote: > > > > Hi ALL, > > > > As per RFC 2328 for OSPFv2 authentication type 2 is used for cryptographic > > authentication wherein keyed MD5 was mentioned. > > > > Same authentication type is used for HMAC-SHA2 family algorithms mentioned > > via RFC 5709. > > > > For ISIS authentication type varies between MD5 and HMAC-SHA2 family. The > > same case applies to BFD as well (different authentication types are used > > for keyed-MD5, keyed SHA etc..). > > > > If other protocols such as ISIS and BFD have a different authentication > > types for MD5 and HMAC-SHA for what reason OSPF has to use same > > authentication type for MD5 and HMAC-SHA2 family. > > > > Thanks, > > Vinayaka G > > > > _______________________________________________ > > Lsr mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/lsr > _______________________________________________ Lsr mailing list [email protected] https://www.ietf.org/mailman/listinfo/lsr
