OSPF WG – IETF 68 - Prague

OSPF WG Document

Candidates

Acee Lindem/Redback Networks

OSPF WG – IETF 68 - Prague

Stronger Non-IPSec OSPFv2 Security draft-bhatia-manral-crypto-req-ospf-01.txt draft-bhatia-manral-white-ospf-hmac-sha-03.txt Presented in San Diego Support on OSPF WG List Impetus for non-IPSec Solution

Limitations in OSPFv3 IPSec with respect to replay protection

Simplicity and Affinity with existing OSPFv2 MD5 authentication

Allows stronger authentication without IPSec (not available on all platforms, offerings, etc).

Recommend Adoption as OSPF WG Document

OSPF WG – IETF 68 - Prague

OSPFv2 IPSec Security draft-gupta-ospf-ospfv2-sec-00.txt Not presented yet Impetus for OSPFv2 IPSec Solution

Affinity with OSPFv3 work on IPSec Alignment with IETF Security Direction Hopefully, easier migration to new algorithms, etc.

Recommend Review and Consideration - Will get it presented in Chicago (either by an author or myself)

OSPF WG – IETF 68 - Prague

Update to OSPF Graceful Restart draft-holla-ospf-update-graceful-restart-02.txt Presented in Montreal Two changes

Helper criteria for termination changed Explicit signaling for GR helper termination

Explicit signaling for GR helper has had some support (but primarily from a single enterprise)

There are situations where notification can be expedited.

Recommend making a decision Don’t like helper termination criteria since better

solutions have be proposed but no requirement

OSPF WG – IETF 68 - Prague

Extensions to OSPFv2 for Advertising Optional Route/Link Attributes draft-mirtorabi-ospf-tag-02.txt Provides a mechanism for advertising additional

attributes for OSPFv2 prefixes and links (e.g., Tag)

Requirement – As author, you know I believe there is a requirement

Can’t think of better way to do it. Interest in Implementation?