| base.txt | issue60.txt | |
|---|---|---|
| Skipping to change at page 17, line 49: | ||
| and Redirect messages without the Signature option MUST be treated as | and Redirect messages without the Signature option MUST be treated as | |
| insecure, i.e., processed in the same way as NDP messages sent by a | insecure, i.e., processed in the same way as NDP messages sent by a | |
| non-SEND node. See Section 8. | non-SEND node. See Section 8. | |
| Router Solicitation messages without the Signature option MUST be | Router Solicitation messages without the Signature option MUST be | |
| also treated as insecure, unless the source address of the message is | also treated as insecure, unless the source address of the message is | |
| the unspecified address. | the unspecified address. | |
| A message containing a Signature option MUST be checked as follows: | A message containing a Signature option MUST be checked as follows: | |
| o The Signature option MUST appear as the last option. | o The receiver MUST ignore any options the come after the first | |
| Signature option. | ||
| o The Key Hash field MUST indicate the use of a known public key, | o The Key Hash field MUST indicate the use of a known public key, | |
| either one learned from a preceding CGA option, or one known by | either one learned from a preceding CGA option, or one known by | |
| other means. | other means. | |
| o The Digital Signature field MUST have correct encoding, and not | o The Digital Signature field MUST have correct encoding, and not | |
| exceed the length of the Signature option. | exceed the length of the Signature option. | |
| o The Digital Signature verification MUST show that the signature | o The Digital Signature verification MUST show that the signature | |
| has been calculated as specified in the previous section. | has been calculated as specified in the previous section. | |
| End of changes. | ||
This html diff was produced by rfcdiff v0.42, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ | ||