--- 1/draft-ietf-csi-send-name-type-registry-05.txt 2010-06-03 17:12:54.000000000 +0200 +++ 2/draft-ietf-csi-send-name-type-registry-06.txt 2010-06-03 17:12:54.000000000 +0200 @@ -1,21 +1,21 @@ Network Working Group R. Gagliano Internet-Draft Cisco Systems Updates: 3971 (if approved) S. Krishnan Intended status: Standards Track Ericsson -Expires: December 4, 2010 A. Kukec +Expires: December 5, 2010 A. Kukec University of Zagreb - June 2, 2010 + June 3, 2010 Subject Key Identifier (SKI) SEND Name Type fields. - draft-ietf-csi-send-name-type-registry-05 + draft-ietf-csi-send-name-type-registry-06 Abstract SEcure Neighbor Discovery (SEND) defines the Name Type field in the ICMPv6 Trust Anchor option. This document specifies new Name Type fields based on certificate Subject Key Identifiers (SKI). Status of this Memo This Internet-Draft is submitted in full conformance with the @@ -24,21 +24,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on December 4, 2010. + This Internet-Draft will expire on December 5, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -155,21 +155,21 @@ | 6 | SHA-384 Subject Key Identifier (SKI) ( Section 3 ) | | 7 | SHA-512 Subject Key Identifier (SKI) ( Section 3 ) | | 253-254 | Experimental use ( Section 3 ) | | 255 | Reserved ( Section 3 ) | +---------+----------------------------------------------------+ Table 1: New Name Type field values in the ICMPv6 TA option IANA is also requested to modify the registration procedures for the Name Type field in the ICMPv6 Trust Anchor option registry to - Standard Action or IESG Approval. + Standard Action or IESG Approval [RFC5226]. 6. Security Considerations The hash functions referenced in this document to calculate the SKI have reasonable random properties in order to provide reasonably unique identifiers. Two identical identifiers in the same validation path will cause the router to stop fetching certificates once the first certificate has been fetched. In the case that the upward certificate was configured as TA by a host, the router will send to this host an incomplete list of certificates, causing the SEND @@ -200,25 +200,20 @@ [RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP Addresses and AS Identifiers", RFC 3779, June 2004. [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, March 2005. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. - [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., - Housley, R., and W. Polk, "Internet X.509 Public Key - Infrastructure Certificate and Certificate Revocation List - (CRL) Profile", RFC 5280, May 2008. - Authors' Addresses Roque Gagliano Cisco Systems Avenue des Uttins 5 Rolle, 1180 Switzerland Email: rogaglia@cisco.com
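Review bot: In the @@ -155,21 +155,21 @@ hunk, the added line reads "Standard Action or IESG Approval [RFC5226]", but the policy defined in RFC 5226 is named "Standards Action". Now that the sentence cites that document, spell the term the way it is defined there so the requested registration procedure maps directly onto a defined policy.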
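Review bot: In the @@ -200,25 +200,20 @@ hunk, removing the [RFC5280] entry needs a check against the body text, because the abstract still bases the new Name Types on certificate Subject Key Identifiers and the entries left visible in this hunk (RFC3779, RFC3971, RFC5226) do not include an X.509 certificate profile. Confirm that no [RFC5280] citation remains anywhere in the draft and that the text describing how the SKI is obtained still points at a listed reference. If that text relies on RFC 5280, keep the entry.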