[dhcwg] Open Issues for Secure DHCPv6

Lishan Li <lilishan48@gmail.com> Wed, 15 June 2016 14:57 UTC

Return-Path: <lilishan48@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AF9412D836 for <dhcwg@ietfa.amsl.com>; Wed, 15 Jun 2016 07:57:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oBT3ElR2r04G for <dhcwg@ietfa.amsl.com>; Wed, 15 Jun 2016 07:57:16 -0700 (PDT)
Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12E6912D85E for <dhcwg@ietf.org>; Wed, 15 Jun 2016 07:57:13 -0700 (PDT)
Received: by mail-qk0-x22c.google.com with SMTP id s186so21050985qkc.1 for <dhcwg@ietf.org>; Wed, 15 Jun 2016 07:57:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=wydMpbL8X1Hssv0yovEhcJU4zawioXY7tjFWqDhqiIc=; b=UuaTorF6vfN4iPsNtcrKeNA3ceKLXoqO+sIkep4B95CgaPYA96sNF8fNiBrCBS/G9T Wrkld2uGPlURwmuxQZjwzT6eaP/J9t5SOHhIR80PsTZmdqRXvL/0x9kpIDrBkDWC7Z0S 25b8NpHh0NFghrpmS96EKLKmOPpzQzHNbrUHAbBYa8uCbyIWFWQqKvrpWrOYckMiBTYc u5Pokd7a4uA0bA79xMOL0GihSY88EhfjvS+swR78aHyQkEE4kCtkmwQmRzD6zip1KZzv qMSssnRMOaW47S26Wblxgh+gS6+3T6AoPb7+2pJFHZmt1OYzVNrx/XofLDCKa1DgZEsY RCSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=wydMpbL8X1Hssv0yovEhcJU4zawioXY7tjFWqDhqiIc=; b=EEYz3n1dVoHiVlVSCmYAe75IItz/oUqIJHAVc7x/4SIbiWgTVyQtkAJHJb8w8d9Iqa o1VHcyQPfxUW9JYfyGahngUoS7C6zfbn2oS2p/bjYGCjbUXpxeGcpA8PyB49w/P27zzu yylwKACyBQK2B/tuWDUtyaWula6qdIkOfrNGvXUP1/7YBcWOS0HbuGtOk+Ozukwj20Z1 wH+t9o3/JpSYha81ZrQYwl8Betm5aA+706YC6myxCNEnzK5ig9eOorcqYBCn8K7nIR4t WxdVztJOTs/Tvc0B/s9fzD4jDXLs1hs7iyw225kFBM3ok6VnlQhc8raBPGtRbL8RB/I/ jdLA==
X-Gm-Message-State: ALyK8tI1IrHbAg/GpqAfv15TvxVcFf2PKK5Xlf/NX6z82qhOfqbZY5JRC+djteIqRMSb79xUWsgRhwuvoz4f8Q==
X-Received: by 10.200.37.98 with SMTP id 31mr26058863qtn.82.1466002632112; Wed, 15 Jun 2016 07:57:12 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.44.65 with HTTP; Wed, 15 Jun 2016 07:57:11 -0700 (PDT)
From: Lishan Li <lilishan48@gmail.com>
Date: Wed, 15 Jun 2016 22:57:11 +0800
Message-ID: <CAJ3w4NeoF7DC91ST=814wq61cTXd8SYUDT1VvJ73Uy_Vhoqk3A@mail.gmail.com>
To: dhcwg <dhcwg@ietf.org>
Content-Type: multipart/alternative; boundary=001a11403cdc20b9cc05355256f7
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/-GNH6-hnhZ4__Mndp7WOUO3mAT0>
Subject: [dhcwg] Open Issues for Secure DHCPv6
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2016 14:57:17 -0000

Dear all,

After the discussion with authors and Stephen Farrell, we have the
following problems not sure and want to get further comments from WG.

1. For the applicability part, after the discussion with Jinmei, we want to
made the following changes:
(1). Add some opportunistic security related description in applicability
part;
(2). Support the following two modes of operations: 1.
Authentication+Encryption with cert/public key validation; 2. (if #1 isn't
possible) Encryption-only without cert/public key validation.
   The current version only includes "Authentication+Encryption" mode. We
should add the "Encryption-only" mode.

2. According to Stephen's comment, in some scenario, such as hotspot or
home network, there is not need to verify the client's identity. If someone
is using DHCPv6 to allocate addresses to server boxen in a data centre,
then the client authentication is needed.
So in order to have the balance right there, client authentication is
optional.

3. The Reply message with an error status code, is not encrypted. So the
Reply message may contain the client identifier option, then the client's
privacy information may be disclosed.
So the solution is that: The Reply message can be encrypted to avoid
privacy information disclosure.

Could you please give us some comments and guidance? Thanks in advance.


Best Regards,
Lishan