base.txt		issue59.txt
Skipping to change at page 14, line 22:
All nodes that support the verification of the CGA option MUST record		All nodes that support the verification of the CGA option MUST record
the following configuration information:		the following configuration information:
minbits		minbits
The minimum acceptable key length for the public keys used in the		The minimum acceptable key length for the public keys used in the
generation of the CGA address. The default SHOULD be 1024 bits.		generation of the CGA address. The default SHOULD be 1024 bits.
Implementations MAY also set an upper limit in order to limit the		Implementations MAY also set an upper limit in order to limit the
amount of computation they need to perform when verifying packets		amount of computation they need to perform when verifying packets
that use these security associations. Any implementation should		that use these security associations. The upper limit SHOULD be
follow prudent cryptographic practice in determining the		at least 2048 bits. Any implementation should follow prudent
appropriate key lengths.		cryptographic practice in determining the appropriate key lengths.
minSec		minSec
The minimum acceptable Sec value, if CGA verification is required		The minimum acceptable Sec value, if CGA verification is required
(see Section 2 in [12]). This parameter is intended to facilitate		(see Section 2 in [12]). This parameter is intended to facilitate
future extensions and experimental work. Currently, the minSec		future extensions and experimental work. Currently, the minSec
value SHOULD always be set to zero.		value SHOULD always be set to zero.
All nodes that support the sending of the CGA option MUST record the		All nodes that support the sending of the CGA option MUST record the
following configuration information:		following configuration information:
End of changes.
This html diff was produced by rfcdiff v0.42, available from http://www.levkowetz.com/ietf/tools/rfcdiff/