Search RFCs

RFC Editor

Found 1 record.

Status:Verified (1)

RFC 2747, "RSVP Cryptographic Authentication", January 2000

Note: This RFC has been updated byRFC 3097

Errata ID:4313
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Nikolai Malykh
Date Reported: 2015-03-25
Verifier Name: Martin Stiemerling
Date Verified: 2015-04-21

Section 3.2 says:

   In this approach, we could use an NTP based timestamp value as the   sequence number.  The roll-over period of an NTP timestamp is about   136 years, much longer than any reasonable lifetime of a key.  In   addition, the granularity of the NTP timestamp is fine enough to   allow the generation of an RSVP message every 200 picoseconds for a   given key.  Many real time clock modules do not have the resolution   of an NTP timestamp.  In these cases, the least significant bits of   the timestamp can be generated using a message counter, which is   reset every clock tick.  For example, when the real time clock   provides a resolution of 1 second, the 32 least significant bits of   the sequence number can be generated using a message counter.  The   remaining 32 bits are filled with the 32 least significant bits of   the timestamp.  Assuming that the recovery time after failure takes   longer than one tick of the real time clock, the message counter for   the low order bits can be safely reset to zero after a restart.

It should say:

   In this approach, we could use an NTP based timestamp value as the   sequence number.  The roll-over period of an NTP timestamp is about   136 years, much longer than any reasonable lifetime of a key.  In   addition, the granularity of the NTP timestamp is fine enough to   allow the generation of an RSVP message every 200 picoseconds for a   given key.  Many real time clock modules do not have the resolution   of an NTP timestamp.  In these cases, the least significant bits of   the sequence number can be generated using a message counter, which   is reset every clock tick.  For example, when the real time clock   provides a resolution of 1 second, the 32 least significant bits of   the sequence number can be generated using a message counter.  The   remaining 32 bits are filled with the 32 most significant bits of   the timestamp.  Assuming that the recovery time after failure takes   longer than one tick of the real time clock, the message counter for   the low order bits can be safely reset to zero after a restart.

Notes:

32 least significant bits of the timestamp will in this case be set to zero.

Report New Errata