Hi Rajesh, I agree that such a distinction is indeed required. However, cant the KeyID be used for such purposes? How about also associating the authentication type with the Key ID. Thus one knows that if the incoming packet is coming with KeyID X then its normal cryptographic authentication, and if its coming with Y, then its the crypto session with Session ID and Nonce. This would also dictate how this packet should be further parsed.
I am btw also amenable to the idea of breaking the 16 bit reserved field into an 8 bit reserved field and an 8 bit AuType field. However, just want to make sure that we absolutely need this before doing it. Would also like to hear what others in WG think about this. Cheers, Manav ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Rajesh Shetty Sent: Friday, January 21, 2011 7.32 AM To: [email protected] Subject: [OSPF] AUTH TYPE Hi Manav, Auth Type we might need to add in AT(Authentication Trailer) Header for extensibility. Currently itself we can see the usage of Auth Type. Auth Type = 0 = Cryptographic authentication Auth Type = 1 (May be) = Cryptographic authentication with Session ID/Nonce support (security extension for ospfv3 when using manual key management) So its better to replace Reserved filed with Auth Type. Thanks Rajesh.
_______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
