

OSPF with Digital Signatures





Network Working Group                                          S. Murphy
Request for Comments: 2154                                     M. Badger
Category: Experimental                                     B. Wellington
                                             Trusted Information Systems
                                                               June 1997

                      OSPF with Digital Signatures

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  This memo does not specify an Internet standard of any
   kind.  Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Abstract

   This memo describes the extensions to OSPF required to add digital
   signature authentication to Link State data, and to provide a
   certification mechanism for router data.  Added LSA processing and
   key management are detailed.  A method for migration from, or
   co-existence with, standard OSPF V2 is described.

Table of Contents

   1 Acknowledgements .............................................   2
   2 Introduction .................................................   2
   3 LSA Processing ...............................................   4
   3.1 Signed LSA .................................................   4
   3.2 Router Public Key LSA (PKLSA) ..............................   5
   3.3 MaxAge Processing ..........................................   7
   4 Key Management ...............................................   8
   4.1 Identifying Keys ...........................................   8
   4.1.1 Identifying Router Keys and PKLSAs .......................   8
   4.1.2 Identifying TE Public Keys ...............................   8
   4.1.3 Key to use for Signing ...................................   9
   4.1.4 Key to use for Verification ..............................   9
   4.2 Trusted Entity (TE) Requirements ...........................  10
   4.3 Scope for Keys and Signature Algorithms ....................  10
   4.4 Router Key Replacement .....................................  11
   4.5 Trusted Entity Key Replacement .............................  12
   4.6 Flexible Cryptographic Environments ........................  14
   4.6.1 Multiple Signature Algorithms ............................  14
   4.6.2 Multiple Trusted Entities ................................  15
   4.6.3 Multiple Keys for One Router .............................  16
   5 Compatibility with Standard OSPF V2 ..........................  16
   6 Special Considerations/Restrictions for the ABR-ASBR .........  17
   7 LSA formats ..................................................  18



Murphy, et. al.               Experimental

