In message <c72cbd9fe3ca604887b1b3f1d145d05e7dc...@szxeml501-mbx.china.huawei.com> "Dacheng Zhang(Dacheng)" writes: > > >>It would be better to exchange a session key rather than just a > >>session ID. The reason to do this is so as not to use the same > >>session key over a long period of time and to use the shared or > >>public/private keys infrequently to provide very little data on which > >>to try to reverse engineer the keys. > > This draft assumes there is no automatic key management system > provided. If there is a auto KMP, challenge/response solution will not > be needed. Do you suggest that we should integrate a key negotiation > process in OSPF?
This is about a session key. The session key is determined through an exchange that makes use of a shared or public/private key. OSPF has had a clear text password for decades and better authentication as time goes on that didn't put the key (password) in the clear. A shared key already exists so now new key management is being suggested. Curtis _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
