Name:
IETF RFC 5796 PDF
Published Date:
03/01/2010
Status:
[ Active ]
Publisher:
Internet Engineering Task Force
Introduction
All PIM-SM [RFC4601] control messages are carried with IP protocol number 103. Some control messages are unicast; the rest are multicast with Time to Live (TTL) = 1. The source address of a unicast message is a domain-wide reachable address. A multicast message instead uses a link-local address of the interface on which it is sent as its source address, and the special multicast address ALL_PIM_ROUTERS (224.0.0.13 in IPv4, ff02::d in IPv6) as its destination address. These messages are called link-local messages; Hello, Join/Prune, and Assert messages fall into this category. An attacker can forge a link-local message and send it to the ALL_PIM_ROUTERS multicast address, and such a message affects the construction of the distribution tree [RFC4601]. The effects of forged messages are outlined in Section 6.1 of [RFC4601]; some are very severe, others minor.
PIM-SM version 2 was originally specified in RFC 2117 [RFC2117], and revised in RFC 2362 [RFC2362] and RFC 4601. RFC 4601 obsoletes RFC 2362, and corrects a number of deficiencies. The "Security Considerations" section of RFC 4601 is based primarily on the Authentication Header (AH) specification described in RFC 4302 [RFC4302].
Securing the unicast messages can be achieved by the use of a normal unicast IPsec Security Association (SA) between the two communicants.
This document focuses on the security issues for link-local messages. It provides guidelines for taking advantage of the newly permitted AH functionality in RFC 4302 and the newly permitted ESP functionality in RFC 4303 [RFC4303], and brings the PIM-SM specification into alignment with the new AH and ESP specifications. In particular, in accordance with RFC 4301, the use of ESP is made mandatory and AH is specified as optional. This document specifies manual key management as mandatory to implement, i.e., something that all implementations MUST support, and provides the necessary structure for an automated key management protocol that PIM routers may use.
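The addressing rules above (protocol 103, ALL_PIM_ROUTERS destination, TTL 1, on-link source for Hello/Join/Prune/Assert) are exactly what a monitor or router can check before an IPsec SA exists, and they are also what a forged message has to imitate. The following is an added example, not code from RFC 5796 or RFC 4601: it parses constructed IPv4/IPv6 datagrams, classifies the PIM message type, flags link-local messages that break those rules, flags unicast-only types that were multicast to ALL_PIM_ROUTERS, and treats ESP (protocol 50) or AH (protocol 51) traffic as protected. The `on_link` subnet, the `expect_ipsec` policy switch (set it when the link has RFC 5796 SAs configured, so that a raw protocol-103 link-local message is itself suspicious), and the sample packets are assumptions made for the example; the PIM type numbers are those of RFC 4601 Section 4.9 and the PIM checksum is left zero in the constructed packets and is not verified.

```python
"""Audit raw PIM-SM datagrams against the RFC 4601/5796 link-local addressing rules.
Added example with constructed packets; not code from either RFC."""
import ipaddress
import struct

PIM_PROTO = 103   # all PIM-SM control messages (RFC 4601)
ESP_PROTO = 50    # IPsec ESP, mandatory to implement for link-local messages (RFC 5796)
AH_PROTO = 51     # IPsec AH, optional (RFC 5796)
ALL_PIM_ROUTERS = {ipaddress.ip_address("224.0.0.13"), ipaddress.ip_address("ff02::d")}

# PIM message types, RFC 4601 Section 4.9 (Graft/Graft-Ack belong to PIM-DM).
PIM_TYPES = {0: "Hello", 1: "Register", 2: "Register-Stop", 3: "Join/Prune",
             4: "Bootstrap", 5: "Assert", 6: "Graft", 7: "Graft-Ack",
             8: "Candidate-RP-Advertisement"}
LINK_LOCAL_TYPES = {0, 3, 5}   # Hello, Join/Prune, Assert: multicast to ALL_PIM_ROUTERS, TTL 1
UNICAST_TYPES = {1, 2, 8}      # Register, Register-Stop, C-RP-Adv: never multicast


def parse_ip(pkt):
    """Return (src, dst, ttl_or_hop_limit, protocol, payload) for an IPv4 or IPv6 datagram."""
    version = pkt[0] >> 4
    if version == 4:
        ihl = (pkt[0] & 0x0F) * 4
        return (ipaddress.IPv4Address(pkt[12:16]), ipaddress.IPv4Address(pkt[16:20]),
                pkt[8], pkt[9], pkt[ihl:])
    if version == 6:
        return (ipaddress.IPv6Address(pkt[8:24]), ipaddress.IPv6Address(pkt[24:40]),
                pkt[7], pkt[6], pkt[40:])
    raise ValueError("not an IP datagram")


def audit_pim(pkt, on_link, expect_ipsec=False):
    """Classify one datagram; 'findings' lists every rule the message violates."""
    src, dst, ttl, proto, payload = parse_ip(pkt)
    if proto in (ESP_PROTO, AH_PROTO):
        # Inside an SA the PIM header is not visible here; a message that passes
        # SA authentication is not the spoofing case RFC 5796 is about.
        return {"protected": True, "type": None, "findings": []}
    if proto != PIM_PROTO:
        raise ValueError(f"not a PIM datagram (IP protocol {proto})")
    if len(payload) < 4:   # PIM header: 4-bit version, 4-bit type, reserved, checksum
        return {"protected": False, "type": None, "findings": ["truncated PIM header"]}
    findings = []
    pim_ver, mtype = payload[0] >> 4, payload[0] & 0x0F
    if pim_ver != 2:
        findings.append(f"PIM version {pim_ver}, expected 2")
    name = PIM_TYPES.get(mtype, f"unknown({mtype})")
    to_all_routers = dst in ALL_PIM_ROUTERS
    if mtype in LINK_LOCAL_TYPES:
        if not to_all_routers:
            findings.append(f"{name} not addressed to ALL_PIM_ROUTERS")
        if ttl != 1:
            findings.append(f"{name} with TTL/hop limit {ttl}, expected 1")
        # IPv6 source must be fe80::/10; for IPv4 "link-local" means an address on
        # the interface's subnet, so compare against the configured on-link prefix.
        if src.version == 6 and not src.is_link_local:
            findings.append(f"{name} from {src}, which is not an IPv6 link-local address")
        elif src.version == 4 and src not in on_link:
            findings.append(f"{name} from {src}, which is not on {on_link}")
        if expect_ipsec:
            findings.append(f"{name} sent as raw PIM although this link expects ESP/AH")
    elif mtype in UNICAST_TYPES and to_all_routers:
        findings.append(f"{name} is a unicast message but was multicast to ALL_PIM_ROUTERS")
    return {"protected": False, "type": name, "findings": findings}


# --- constructed test packets (header checksums are left zero on purpose) ---
def build_ipv4(src, dst, ttl, proto, payload):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload


def build_ipv6(src, dst, hop, proto, payload):
    hdr = struct.pack("!IHBB16s16s", 6 << 28, len(payload), proto, hop,
                      ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)
    return hdr + payload


def build_pim(mtype, body=b""):
    return bytes([0x20 | mtype, 0, 0, 0]) + body   # version 2, type, reserved, checksum 0


ON_LINK = ipaddress.ip_network("10.0.0.0/24")   # assumed subnet of the audited interface
SAMPLES = {
    "hello_ok": build_ipv4("10.0.0.1", "224.0.0.13", 1, PIM_PROTO, build_pim(0)),
    "hello_v6_ok": build_ipv6("fe80::1", "ff02::d", 1, PIM_PROTO, build_pim(0)),
    "forged_join": build_ipv4("198.51.100.7", "224.0.0.13", 64, PIM_PROTO, build_pim(3)),
    "register_to_group": build_ipv4("10.0.0.2", "224.0.0.13", 1, PIM_PROTO, build_pim(1)),
    "esp_protected": build_ipv6("fe80::2", "ff02::d", 1, ESP_PROTO, b"\x00" * 16),
}


def audit_samples(expect_ipsec=False):
    return {name: audit_pim(pkt, ON_LINK, expect_ipsec) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in audit_samples().items():
        print(f"{name:18} {result['type'] or 'ESP/AH':14} {result['findings'] or 'ok'}")
```

The check is deliberately heuristic: an attacker with a foothold on the link can send a Hello with TTL 1 from an on-link address and pass every rule here, which is precisely why RFC 5796 moves authentication into ESP or AH rather than relying on addressing. Run with `expect_ipsec=True` on a link where SAs are deployed and the unprotected `hello_ok` sample is flagged as well.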
| Edition: | 10 |
| File Size: | 1 file, 33 KB |
| Number of Pages: | 21 |