RFC 2747 (rfc2747) - Page 1 of 21
RSVP Cryptographic Authentication
Alternative Format: Original Text Document
Network Working Group F. Baker
Request for Comments: 2747 Cisco
Category: Standards Track B. Lindell
USC/ISI
M. Talwar
Microsoft
January 2000
RSVP Cryptographic Authentication
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
This document describes the format and use of RSVP's INTEGRITY object
to provide hop-by-hop integrity and authentication of RSVP messages.
1. Introduction
The Resource ReSerVation Protocol RSVP [1] is a protocol for setting
up distributed state in routers and hosts, and in particular for
reserving resources to implement integrated service. RSVP allows
particular users to obtain preferential access to network resources,
under the control of an admission control mechanism. Permission to
make a reservation will depend both upon the availability of the
requested resources along the path of the data, and upon satisfaction
of policy rules.
To ensure the integrity of this admission control mechanism, RSVP
requires the ability to protect its messages against corruption and
spoofing. This document defines a mechanism to protect RSVP message
integrity hop-by-hop. The proposed scheme transmits an
authenticating digest of the message, computed using a secret
Authentication Key and a keyed-hash algorithm. This scheme provides
protection against forgery or message modification. The INTEGRITY
object of each RSVP message is tagged with a one-time-use sequence
Baker, et al. Standards Track
