Re: Security Architecture for DHCP
Ted Lemon <mellon@hoffman.vix.com> Sun, 20 April 1997 17:54 UTC
Received: from cnri by ietf.org id aa10069; 20 Apr 97 13:54 EDT
Received: from marge.bucknell.edu by CNRI.Reston.VA.US id aa22062; 20 Apr 97 13:54 EDT
Received: from reef.bucknell.edu by mail.bucknell.edu; (5.65v3.2/1.1.8.2/17Jul96-0109PM) id AA02516; Sun, 20 Apr 1997 13:49:51 -0400
Date: Sun, 20 Apr 1997 13:49:51 -0400
Message-Id: <199704201743.KAA02957@andare.fugue.com>
Errors-To: droms@bucknell.edu
Reply-To: dhcp-v4@bucknell.edu
Originator: dhcp-v4@bucknell.edu
Sender: dhcp-v4@bucknell.edu
Precedence: bulk
From: Ted Lemon <mellon@hoffman.vix.com>
To: Multiple recipients of list <dhcp-v4@bucknell.edu>
Subject: Re: Security Architecture for DHCP
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
X-Comment: Discussion of DHCP for IPv4
Jim, there is some disagreement as to whether public key, by itself, will be a good choice for the DHCP authentication protocol. The reason is that public key signatures are fairly expensive to compute, and since we have to do it for every packet, this limits the number of transactions per second that a general purpose computer is likely to be able to support. This gets to be a big problem on Monday morning at 9:00 AM when 10,000 or more nodes try to boot at once. My personal belief is that private, shared secrets should be used in the default case, with public key as a fallback for cases where the server and the client are not yet known to each other. Did you by any chance have a chance to read the message I posted last week on what I thought the requirements for DHCP authentication were? _MelloN_
- Security Architecture for DHCP bound
- Re: Security Architecture for DHCP Ted Lemon
- Re: Security Architecture for DHCP bound
- Re: Security Architecture for DHCP bound
- Re: Security Architecture for DHCP Ted Lemon
- Re: Security Architecture for DHCP Olafur Gudmundsson
- Re: Security Architecture for DHCP bound