UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF - RFC 9145

Integrity Protection for the Network Service Header (NSH) and Encryption of Sensitive Context Headers

active, Most Current
Organization: IETF
Publication Date: 1 December 2021
Status: active
Page Count: 25
scope:

Abstract

This specification presents an optional method to add integrity protection directly to the Network Service Header (NSH) used for Service Function Chaining (SFC). Also, this specification allows for the encryption of sensitive metadata (MD) that is carried in the NSH.

Document History

RFC 9145
December 1, 2021
Integrity Protection for the Network Service Header (NSH) and Encryption of Sensitive Context Headers
Abstract This specification presents an optional method to add integrity protection directly to the Network Service Header (NSH) used for Service Function Chaining (SFC). Also, this specification...

References

This document references:
IETF RFC 4868 - Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
Published by IETF on May 1, 2007
This specification describes the use of Hashed Message Authentication Mode (HMAC) in conjunction with the SHA-256, SHA-384, and SHA-512 algorithms in IPsec. These algorithms may be used as the basis...
This document references:
IETF RFC 5116 - An Interface and Algorithms for Authenticated Encryption
Published by IETF on January 1, 2008
This document defines algorithms for Authenticated Encryption with Associated Data (AEAD), and defines a uniform interface and a registry for such algorithms. The interface and registry can be used...
This document references:
IETF RFC 7635 - Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization
Published by IETF on August 1, 2015
This document proposes the use of OAuth 2.0 to obtain and validate ephemeral tokens that can be used for Session Traversal Utilities for NAT (STUN) authentication. The usage of ephemeral tokens...
This document references:
IETF RFC 8300 - Network Service Header (NSH)
Published by IETF on January 1, 2018
This document describes a Network Service Header (NSH) imposed on packets or frames to realize Service Function Paths (SFPs). The NSH also provides a mechanism for metadata exchange along the...
This document references:
IETF RFC 8915 - Network Time Security for the Network Time Protocol
Published by IETF on September 1, 2020
Abstract This memo specifies Network Time Security (NTS), a mechanism for using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic...
This document is referenced by:
RFC 9263 - Network Service Header (NSH) Metadata Type 2 Variable-Length Context Headers
Published by IETF on August 1, 2022
Service Function Chaining (SFC) uses the Network Service Header (NSH) (RFC 8300) to steer and provide context metadata (MD) with each packet. Such metadata can be of various types, including MD Type...
This document is referenced by:
RFC 9451 - Operations, Administration, and Maintenance (OAM) Packet and Behavior in the Network Service Header (NSH)
Published by IETF on August 1, 2023
This document clarifies an ambiguity in the Network Service Header (NSH) specification related to the handling of O bit. In particular, this document clarifies the meaning of "OAM packet". This...
This document is referenced by:
RFC 9516 - Active Operations, Administration, and Maintenance (OAM) for Service Function Chaining (SFC)
Published by IETF on November 1, 2023
Abstract A set of requirements for active Operations, Administration, and Maintenance (OAM) for Service Function Chaining (SFC) in a network is presented in this document. Based on these...
View Less
View All
Advertisement