Hi Dacheng,
HW became more capable and we, one hopes, wiser. Perhaps it's time to re-visit
our options.
Regards,
Greg
-----Original Message-----
From: Dacheng Zhang [mailto:[email protected]]
Sent: Monday, November 23, 2015 11:12 PM
To: Gregory Mirsky; Marc Binderberger; Reshad Rahman (rrahman);
[email protected]; Stephen Farrell
Cc: [email protected]
Subject: Re: Request for WG adoption of draft-mahesh-bfd-authentication
在 15-11-24 下午2:46, "Gregory Mirsky" <[email protected]> 写入:
>Dear All,
>I'd like to share comment by Security AD Stephen Farrell on a work that
>is directly related to BFD, draft-ietf-mpls-lsp-ping-mpls-tp-oam-conf
>(hope it is OK to raise security awareness in BFD community):
>
>> - 2.1.1, is there any chance of moving on from the "Keyed SHA1"
>>
>> from RFC5880 to e.g. HMAC-SHA256 for this? We're generally trying to
>> get that kind of transition done as we can and moving to use of a
>> standard integrity check rather than a more home-grown one has some
>> benefits. The HMAC-SHA1-like thing you're doing is still probably ok,
>> (though could maybe do with crypto eyeballs on it as there may have
>> been relevant new results since 2010) but future-proofing would
>> suggest moving to HMAC-SHA256 if we can. (I can imagine such a change
>> might require a new document, but am asking anyway:-)
>>
>> GIM>> The fact is that we're bound by what is defined in RFC 5880.
>
>I wonder for how long though, that's now a five year old RFC.
>Assuming it takes a few years for new deployments to pick up new
>algorithms, isn't it time that a whole bunch of algorithm choices were
>revisited?
>
>> There was a proposal to strengthen BFD security BFD Generic
>>Cryptographic
>>Authentication<http://tools.ietf.org/html/draft-bhatia-bfd-crypto-auth
>>-03
>>> but the document had expired.
>
>Pity that.
I am one of the co-author of that draft. We didn’t try to update document
because we got the feedback from the group that the influence on the
performance is a big concern. That is why I raised the question in the last
email whether it is a good time for us to re-consider the usage of
aha-2 in BFD.
>
