[c-nsp] Securing OSPFv3 on 6500/7600 Routers?

Dobbins, Roland rdobbins at arbor.net
Thu Jan 6 00:50:43 EST 2011


On Jan 6, 2011, at 12:45 PM, Mikael Abrahamsson wrote:

> It's usually not about intentional attacks, it's also about unintentional 
> consequences of mistakes.

Concur 100%.

> Short, not adding MD5 support in OSPFv3 was a design mistake, I'm sure it 
> looked good on paper but it's not good in real life.

Um, I thought multiple vendors supported MD5 for OSPFv3, do they not?  That's what I was alluding to when I said that MD5 should suffice.

If I'm wrong about this, thanks much for the schooling!

------------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

Most software today is very much like an Egyptian pyramid, with millions
of bricks piled on top of each other, with no structural integrity, but
just done by brute force and thousands of slaves.

			  -- Alan Kay




More information about the cisco-nsp mailing list