[dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

神明達哉 <jinmei@wide.ad.jp> Tue, 01 November 2016 21:52 UTC

From: 神明達哉 <jinmei@wide.ad.jp>
Date: Tue, 01 Nov 2016 14:52:43 -0700
Message-ID: <CAJE_bqebwr2WUUgaNgiYS4_8L77Gxj4Os+oPRG407B6ELMEhCQ@mail.gmail.com>
To: "dhcwg@ietf.org" <dhcwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/0LMxU7dc1P8RSSjPOkpErlYJQto>
Subject: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

I have a couple of higher-level comments on draft-ietf-dhc-sedhcpv6-17.

1. I still disagree with the following restriction described in
   Section 5.4:

     For the privacy consideration, we have to give up the
     previous server selection feature.

   Especially now that rfc3315bis is going to deprecate the delayed
   authentication protocol and sedhcpv6 will become the only current
   candidate to provide security for DHCPv6, I believe it should cover
   all basic features of DHCPv6 including "the previous server selection
   feature".  There is at least one way to support this feature
   (although it's operationally restrictive): have multiple servers that
   may respond to the same Solicit share the same private/public key
   pair.  As far as I can see there's nothing in this specification
   that prohibits this operation (unlike an earlier version of the
   spec, we don't include the server ID option in the Encrypted-Query
   message for a Solicit).  Also the following sentence in Section 10
   seems to assume this operation:

     It should be noted that the selected certificate may
     correspond to multiple DHCPv6 servers.

2. Algorithm negotiation still doesn't make much sense to me.  I have
   many questions and concerns related to this point, but instead of
   raising each of these, I'd suggest one specific alternative to
   consider: have the client send a list of supported algorithms in
   the initial Information-Request, and let the server choose one set
   of them and keep using the same set.  This way we don't have to
   worry about an "algorithm not supported" error in the middle of a
   DHCPv6 session (as a corollary, we don't have to worry about how to
   return an encrypted reply when the client's preferred encryption
   algorithm isn't supported by the server).  An obvious downside of
   this is that it reveals some information about the client (the list
   of supported/preferred algorithms), but IMO this is acceptable.

--
JINMEI, Tatuya
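The negotiation flow proposed in item 2 above, as an added example that is not part of the message or of the sedhcpv6 draft: the client lists the algorithm sets it supports in its first Information-Request, the server picks one set it also supports and pins it for the rest of that client's session, and a later Encrypted-Query carrying a different set is refused. The message layouts (plain dicts), the `client_id` used to key sessions, the field names and the algorithm names are all assumptions made for this illustration, not option names or registry values from the draft.

```python
"""Start-of-session algorithm negotiation for a secure DHCPv6 exchange.

Illustrative model only: message fields, client_id and algorithm names are
assumptions for this example, not identifiers from draft-ietf-dhc-sedhcpv6.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class AlgSet:
    """One combination of signature, hash and encryption algorithm."""
    sig: str
    hash: str
    enc: str


class NegotiationError(Exception):
    pass


class Server:
    def __init__(self, supported: List[AlgSet]):
        self.supported = list(supported)
        self.pinned: Dict[str, AlgSet] = {}  # client_id -> set chosen at start

    def handle_information_request(self, client_id: str, offered: List[AlgSet]) -> dict:
        """Choose the first set in the client's preference order that we
        support, and pin it: the choice is made once per session."""
        for cand in offered:
            if cand in self.supported:
                self.pinned[client_id] = cand
                return {"status": "ok", "chosen": cand}
        # No overlap: answer in the clear with an error status. Nothing has
        # been agreed yet, so an encrypted error reply is impossible anyway.
        return {"status": "AlgorithmNotSupported"}

    def handle_encrypted_query(self, client_id: str, msg: dict) -> dict:
        pinned = self.pinned.get(client_id)
        if pinned is None:
            return {"status": "NoSession"}
        if msg["alg"] != pinned:
            # A mid-session change means a buggy or a tampering peer.
            return {"status": "AlgorithmMismatch"}
        return {"status": "ok", "alg": pinned, "echo": msg["payload"]}


class Client:
    def __init__(self, client_id: str, preferred: List[AlgSet]):
        self.client_id = client_id
        self.preferred = list(preferred)  # most preferred first
        self.alg: Optional[AlgSet] = None

    def accept_reply(self, reply: dict) -> AlgSet:
        if reply["status"] != "ok":
            raise NegotiationError(reply["status"])
        chosen = reply["chosen"]
        if chosen not in self.preferred:
            # Never accept a set we did not offer, even one we could support.
            raise NegotiationError("server chose a set that was not offered")
        self.alg = chosen
        return chosen

    def negotiate(self, server: Server) -> AlgSet:
        return self.accept_reply(
            server.handle_information_request(self.client_id, self.preferred))

    def encrypted_query(self, server: Server, payload: str,
                        alg: Optional[AlgSet] = None) -> dict:
        if self.alg is None:
            raise NegotiationError("negotiate before sending Encrypted-Query")
        msg = {"alg": alg or self.alg, "payload": payload}
        return server.handle_encrypted_query(self.client_id, msg)


# Placeholder algorithm sets (constructed for the example).
SET_A = AlgSet("sig-alg-1", "hash-alg-1", "enc-alg-1")
SET_B = AlgSet("sig-alg-2", "hash-alg-2", "enc-alg-2")
SET_C = AlgSet("sig-alg-3", "hash-alg-3", "enc-alg-3")


def run_scenarios() -> dict:
    out = {}
    srv = Server(supported=[SET_C, SET_B])
    # Client prefers A then B; server must pick B (its own order is ignored).
    c1 = Client("client-1", [SET_A, SET_B])
    out["chosen"] = c1.negotiate(srv)
    out["query_ok"] = c1.encrypted_query(srv, "solicit")["status"]
    # Switching to another set mid-session is refused.
    out["switch"] = c1.encrypted_query(srv, "solicit", alg=SET_C)["status"]
    # No common set: failure is signalled in the clear and no session exists.
    c2 = Client("client-2", [SET_A])
    try:
        c2.negotiate(srv)
        out["no_overlap"] = "ok"
    except NegotiationError as e:
        out["no_overlap"] = str(e)
    out["no_session"] = srv.handle_encrypted_query(
        "client-2", {"alg": SET_A, "payload": "x"})["status"]
    # A (forged) reply naming a set the client never offered is rejected.
    try:
        Client("client-3", [SET_A]).accept_reply({"status": "ok", "chosen": SET_C})
        out["tampered"] = "accepted"
    except NegotiationError as e:
        out["tampered"] = str(e)
    return out


if __name__ == "__main__":
    for key, value in run_scenarios().items():
        print(f"{key}: {value}")
```

The client-side check in `accept_reply` is the part worth keeping in a real implementation: the offered list travels in an unprotected Information-Request, so, as with any negotiation carried in unauthenticated messages, the client should at least refuse a choice outside its own list, and the later signed exchange should cover what was negotiated if downgrade by an on-path attacker is a concern.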