Mark, >> http://www.ietf.org/id/draft-jakma-ospf-integrity-00.txt should work for >> operators who are only turning on OSPF authentication as a substitute for a >> stronger packet checksum. >> >> I had posted a survey on nanog (we had also exchanged a mail on this) on the >> same and while I only got 7 responses, 4 of those stated that they were >> indeed using IGP crypto only to get a better checksum mechanism. > > This is interesting.
Yes, it indeed is. > > Are there any folks in these mailing lists who use, or who know folks > that use, cryptographic authentication as a substitute for the > internet checksum that OSPF currently uses? None of the operators would be willing to disclose their security policies, so you will most likely never receive a response to such a query in public. You might get a few responses offline if you are lucky, but thats about it. Coming back to your question - Yes, i would wager that there might be a few that do this for precisely the reasons described in the original document. Glen _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
