{
  "draft": "draft-ietf-bfd-secure-sequence-numbers",
  "doc_id": "RFC9986",
  "title": "Meticulous Keyed ISAAC for Bidirectional Forwarding Detection (BFD) Optimized Authentication",
  "authors": [
    "A. DeKok",
    "M. Jethanandani",
    "S. Agarwal",
    "A. Mishra",
    "J. Haas"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "29",
  "pub_status": "EXPERIMENTAL",
  "status": "EXPERIMENTAL",
  "source": "bfd",
  "abstract": "This document describes a Bidirectional Forwarding Detection (BFD) Optimized Authentication Mode known as Meticulous Keyed ISAAC Authentication. This mode can be used to authenticate some BFD packets with less CPU time cost than using MD5 or SHA-1 with the trade-off of decreased security. This mechanism cannot be used to signal state changes, but it can be used to maintain a session in the Up state.",
  "pub_date": "June 2026",
  "keywords": [
    "secure BFD",
    "replay packets",
    "spoofing",
    "pseudo-random number"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9986",
  "errata_url": null
}