Re: I-D ACTION:draft-ietf-dhc-authentication-03.txt

Ralph Droms <droms@bucknell.edu> Sat, 30 November 1996 04:10 UTC

Received: from cnri by ietf.org id al03301; 29 Nov 96 23:10 EST
Received: from marge.bucknell.edu by CNRI.Reston.VA.US id aa14967; 29 Nov 96 17:01 EST
Received: from reef.bucknell.edu by mail.bucknell.edu; (5.65v3.2/1.1.8.2/17Jul96-0109PM) id AA18561; Fri, 29 Nov 1996 16:54:33 -0500
Date: Fri, 29 Nov 1996 16:54:33 -0500
Message-Id: <v02130504aec509f3fc34@[134.82.7.154]>
Errors-To: droms@bucknell.edu
Reply-To: dhcp-v4@bucknell.edu
Originator: dhcp-v4@bucknell.edu
Sender: dhcp-v4@bucknell.edu
Precedence: bulk
From: Ralph Droms <droms@bucknell.edu>
To: Multiple recipients of list <dhcp-v4@bucknell.edu>
Subject: Re: I-D ACTION:draft-ietf-dhc-authentication-03.txt
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
X-Comment: Discussion of DHCP for IPv4
Mime-Version: 1.0

At 5:42 PM 11/26/96, Thomas Narten wrote:
>>   Appendix A - Key Management Technique
>>
>>   To avoid centralized management of a list of random keys, suppose K for
>>   each client is generated from the pair (client identifier, subnet
>>   address), which must be unique to that client.  That is, K =3D MD5(MK,
>>   unique-id), where MK is a secret master key and MD5 is some encoding
>>   function.
>
>In the first paragraph, it seems to me that you don't want the subnet
>address to be part of the computation, since that would change the key
>if the subnet was renumbered.

Oops - of course, including the subnet number in the key means that a=
 particular key will only be valid on one subnet.  I think we should take=
 the subnet out of the key generation mechanism for this suggested=
 technique, and accept the possibility of client-identifier (and, therefore,=
 key) collisions.

- Ralph