I strongly agree with Manav here and an implementation must be able to demultiplex using the Key ID in the incoming packet. It is afterall for this very reason that we put the Key ID in the packet.
Erblichs point, as i read it is, that most implementations (if not all) currently take type 2 to mean MD5. This may break once this draft becomes a standard, which it would, in some time. My take on this is that even if the WG agrees to Erblichs solution and introduces a new type, say 3 for HMAC-SHA-1 authentication, then somebody else could repeat the same argument and clamour for a new type when we're introducing newer authentication algorithms in the future. Lets move on from this issue. Phil _______________________________________________ OSPF mailing list [email protected] https://www1.ietf.org/mailman/listinfo/ospf
