Hi Tom, RFC 6506 specifies how to work with OSPFv3 header checksum, but does not specify how to work with LLS data block checksum. For interoperability reasons it would be very useful if it's documented.
There are basically only two options: a) compute LLS checksum as usual b) omit, like for OSPFv3 Header checksum Errata suggests b) because I do not see why to authenticate portion of packet 2x. It may be seen as operational change if there's some implementation doing a). Are you aware of any? Thanks marek -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of t.petch Sent: Friday, March 29, 2013 10:10 PM To: [email protected]; [email protected]; [email protected] Cc: [email protected] Subject: Re: [OSPF] [Technical Errata Reported] RFC6506 (3567) Looks like a functional change to me. Tom Petch ----- Original Message ----- From: "RFC Errata System" <[email protected]> To: <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]> Cc: <[email protected]>; <[email protected]> Sent: Wednesday, March 27, 2013 12:37 PM > The following errata report has been submitted for RFC6506, > "Supporting Authentication Trailer for OSPFv3". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=6506&eid=3567 > > -------------------------------------- > Type: Technical > Reported by: Marek Karasek <[email protected]> > > Section: 2.2 > > Original Text > ------------- > Consistent with OSPFv2 Cryptographic Authentication [RFC2328], both > OSPFv3 header checksum calculation and verification are omitted when > the OSPFv3 authentication mechanism described in this specification > is used. > > > Corrected Text > -------------- > OSPFv3 authentication mechanism provides capability to detect corruption of > OSPFv3 packet, which is under non authenticated operation achieved using OSPFv3 > header checksum [RFC 5340] and LLS data block checksum [RFC 5613]. In spirit of > OSPFv2 Cryptographic Authentication [RFC2328], OSPFv3 header checksum and LLS > Data Block Checksum calculation and verification are omitted when the OSPFv3 > authentication mechanism described in this specification is used. > > Notes > ----- > RFC does not specify how to work with LLS Data Block Checksum. Errata suggests omit checksum calculation/verification in the same way like for OSPFv3 header checksum. > > Instructions: > ------------- > This errata is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or rejected. > When a decision is reached, the verifying party (IESG) can log in to > change the status and edit the report, if necessary. > > -------------------------------------- > RFC6506 (draft-ietf-ospf-auth-trailer-ospfv3-11) > -------------------------------------- > Title : Supporting Authentication Trailer for OSPFv3 > Publication Date : February 2012 > Author(s) : M. Bhatia, V. Manral, A. Lindem > Category : PROPOSED STANDARD > Source : Open Shortest Path First IGP > Area : Routing > Stream : IETF > Verifying Party : IESG > _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
