Re: [Dhcpv6bis] [dhcwg] seDHCPv6 update and next steps ...

Francis Dupont <Francis.Dupont@fdupont.fr> Thu, 27 July 2017 19:16 UTC

From: Francis Dupont <Francis.Dupont@fdupont.fr>
To: "Bernie Volz (volz)" <volz@cisco.com>
cc: Ted Lemon <ted.lemon@nominum.com>, "'dhcpv6bis@ietf.org'" <dhcpv6bis@ietf.org>, Tomek Mrugalski <tomasz.mrugalski@gmail.com>, Lishan Li <lilishan48@gmail.com>, "draft-ietf-dhc-sedhcpv6@tools.ietf.org" <draft-ietf-dhc-sedhcpv6@tools.ietf.org>, 神明達哉 <jinmei@wide.ad.jp>
In-reply-to: Your message of Mon, 24 Jul 2017 21:32:39 -0000. <87f4ce9751c749d5813173ccb7e23598@XCH-ALN-003.cisco.com>
Date: Thu, 27 Jul 2017 20:59:53 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcpv6bis/62NQljM0Pd5Oi3X03EOBI7XRS3o>
Subject: Re: [Dhcpv6bis] [dhcwg] seDHCPv6 update and next steps ...

In your previous mail you wrote:
>  The analysis that Francis did might help (attached), but he didn't
>  address whether the server's response contained anything that could be
>  "sensitive" (probably not).

=> in the "coffee-shop" case I can't see what the DHCP server could know
which is "sensitive", so I added nothing about server-to-client
messages. BTW there are some recommendations in the two RFCs I
referenced because these messages can have an impact on privacy
in some other cases, and 3315bis privacy considerations have some
statements about resource allocation strategies.
(i.e. it was not relevant in my analysis but is not neutral in some
particular cases).

Regards

Francis.Dupont@fdupont.fr

PS: I am not including the whole message again, but the analysis was about
opportunistic encryption in the coffee-shop case.