[Xorp-users] MD5 Support

Vincent Jardin vjardin@free.fr
Fri, 13 Aug 2004 19:39:23 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Future Directions for XORP
> --------------------------
>
> As PF_KEY is somewhat standardized (RFC 2367 Informational) and well
> documented (UNIX Network Programming Vol1 2e Fenner et al) this is a
> portable way of achieving this across the BSDs. Linux (FreeS/WAN et
> cetera) may be another story.

FYI, Linux does support PF_KEY too.

>
> Future Directions for TCP-MD5
> -----------------------------
>
> This would however require that applications such as Quagga and XORP speak
> fluent PF_KEY in the BSD dialect.

I think that the routing protocols will have to speak fluently PF_KEY because 
even for OSPFv2/MD5 or RIP/MD5 the keys could be provided by a "key daemon". 
This concept is already described by the RFC 2367, section 1.2 and section 
5.3 (OSPF Securrity Example).

Regards,
  Vincent
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQFBHPzRj1uHAMmANdgRAprWAKDtG8oLQUa7SevIgqVNyjZpzsguoACfZMUy
LsKFJkGeWhH+lhXNZw7ShA4=
=Lvtl
-----END PGP SIGNATURE-----