| rfc7298v3.txt | rfc7298.txt | |||
|---|---|---|---|---|
| skipping to change at page 6, line 42 | skipping to change at page 6, line 42 | |||
| Many practical applications of HMAC for authentication of datagram- | Many practical applications of HMAC for authentication of datagram- | |||
| based network protocols (including routing protocols) involve the | based network protocols (including routing protocols) involve the | |||
| padding procedure, a design-specific conditioning of the message that | padding procedure, a design-specific conditioning of the message that | |||
| both the sender and the receiver perform before the HMAC computation. | both the sender and the receiver perform before the HMAC computation. | |||
| The specific padding procedure of this mechanism addresses the | The specific padding procedure of this mechanism addresses the | |||
| following needs: | following needs: | |||
| o Data Initialization | o Data Initialization | |||
| A design that places the HMAC result(s) computed for a message | A design that places the HMAC result(s) computed for a message | |||
| inside the same message after the computation has to allocate in | inside that same message after the computation has to have | |||
| the message some data unit(s) purposed for the result(s) (in this | previously (i.e., before the computation) allocated in that | |||
| mechanism, it is the HMAC TLV(s); see Section 4.3). The padding | message some data unit(s) purposed specifically for those HMAC | |||
| procedure sets the respective octets of the data unit(s), in the | result(s) (in this mechanism, it is the HMAC TLV(s); see | |||
| simplest case to a fixed value known as the padding constant. | Section 4.3). The padding procedure sets the respective octets of | |||
| the data unit(s), in the simplest case to a fixed value known as | ||||
| the padding constant. | ||||
| The particular value of the constant is specific to each design. | The particular value of the constant is specific to each design. | |||
| For instance, in [RIP2-AUTH] as well as works derived from it | For instance, in [RIP2-AUTH] as well as works derived from it | |||
| ([ISIS-AUTH-B], [OSPF2-AUTH], and [OSPF3-AUTH-BIS]), the value is | ([ISIS-AUTH-B], [OSPF2-AUTH], and [OSPF3-AUTH-BIS]), the value is | |||
| 0x878FE1F3. In many other designs (for instance, [RFC3315], | 0x878FE1F3. In many other designs (for instance, [RFC3315], | |||
| [RFC3931], [RFC4030], [RFC4302], [RFC5176], and [ISIS-AUTH-A]), | [RFC3931], [RFC4030], [RFC4302], [RFC5176], and [ISIS-AUTH-A]), | |||
| the value is 0x00. | the value is 0x00. | |||
| However, the HMAC construction is defined on the basis of a | However, the HMAC construction is defined on the basis of a | |||
| cryptographic hash algorithm, that is, an algorithm meeting a | cryptographic hash algorithm, that is, an algorithm meeting a | |||
| particular set of requirements made for any input message. Thus, | particular set of requirements made for any input message. Thus, | |||
| any padding constant values, whether single- or multiple-octet, as | any padding constant values, whether single- or multiple-octet, as | |||
| well as any other message-conditioning methods, don't affect | well as any other message-conditioning methods, don't affect | |||
| cryptographic characteristics of the hash algorithm and the HMAC | cryptographic characteristics of the hash algorithm and the HMAC | |||
| construction, respectively. | construction, respectively. | |||
| End of changes. 2 change blocks. | ||||
| 6 lines changed or deleted | 7 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||