[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] Accepting the following draft as WG work item (pending discussion)

To: DHC WG <dhcwg at ietf.org>
Subject: Re: [dhcwg] Accepting the following draft as WG work item (pending discussion)
From: Ted Lemon <Ted.Lemon at nominum.com>
Date: Wed, 17 Sep 2008 22:35:54 -0700
Delivered-to: ietfarch-dhcwg-web-archive at core3.amsl.com
Delivered-to: dhcwg at core3.amsl.com
In-reply-to: <C4F75EBC.852E1%john_brzozowski at cable.comcast.com>
List-archive: <https://www.ietf.org/mailman/private/dhcwg>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: <dhcwg.ietf.org>
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <C4F75EBC.852E1%john_brzozowski at cable.comcast.com>
Sender: dhcwg-bounces at ietf.org

On Sep 17, 2008, at 10:26 PM, John Jason Brzozowski wrote:
> However, prior to doing so we agreed that some additional  
> discussions is
> required.  Specifically, we are requesting that the dhc WG consider  
> whether
> disabling or turning off security is acceptable or if a nonce method  
> (as
> specified as part of DHCPv6) should be required?

I was one of the people (perhaps the only one - I don't remember!) who  
wanted to know why we couldn't use a nonce.   My recollection is that  
the authors agreed to look into the nonce security model as defined in  
RFC3315.

My position on this was that a draft adapting the nonce model for use  
with DHCPv4 would be worth considering.   However, this draft contains  
no security precautions at all, meaning that it would be trivial for  
an attacker to trigger a renew on a client that implemented it.   So  
I'd be against adopting this draft as it stands as a WG item.

_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

Follow-Ups:
- Re: [dhcwg] Accepting the following draft as WG work item (pendingdiscussion)
  - From: MILES DAVID

References:
- [dhcwg] Accepting the following draft as WG work item (pending discussion)
  - From: John Jason Brzozowski

Prev by Date: [dhcwg] Accepting the following draft as WG work item (pending discussion)
Next by Date: Re: [dhcwg] FW: Discussion of draft-ietf-dhc-l2ra-01.txt prior to dhc WG last call
Previous by thread: [dhcwg] Accepting the following draft as WG work item (pending discussion)
Next by thread: Re: [dhcwg] Accepting the following draft as WG work item (pendingdiscussion)
Index(es):
- Date
- Thread