Applicability of Keying Methods for RSVP Security
Cisco Systems Inc
The Resource reSerVation Protocol (RSVP) allows hop-by-hop authentication of RSVP neighbors. This requires messages to be cryptographically signed using a secret shared between participating nodes. This document compares group keying for RSVP with per-neighbor or per-interface keying, and discusses the associated key provisioning methods as well as the applicability and limitations of these approaches. The Internet-Draft draft-weis-gdoi-for-rsvp specifies how the Group Domain of Interpretation (GDOI) can be used to distribute group keys to RSVP nodes. The present document also discusses the applicability of such group keying to RSVP encryption.