Re: [dhcwg] Additional feedback on secure DHCPv6 draft
Francis Dupont <Francis.Dupont@fdupont.fr> Mon, 10 August 2015 15:07 UTC
Return-Path: <Francis.Dupont@fdupont.fr>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D1AC1B3686 for <dhcwg@ietfa.amsl.com>; Mon, 10 Aug 2015 08:07:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.637
X-Spam-Level:
X-Spam-Status: No, score=0.637 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m8h6a6t6LClz for <dhcwg@ietfa.amsl.com>; Mon, 10 Aug 2015 08:07:42 -0700 (PDT)
Received: from givry.fdupont.fr (givry.fdupont.fr [IPv6:2001:41d0:1:6d55:211:5bff:fe98:d51e]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 542FC1B367B for <dhcwg@ietf.org>; Mon, 10 Aug 2015 08:07:34 -0700 (PDT)
Received: from givry.fdupont.fr (localhost [127.0.0.1]) by givry.fdupont.fr (8.14.3/8.14.3) with ESMTP id t7AF4sxh011269; Mon, 10 Aug 2015 17:04:55 +0200 (CEST) (envelope-from dupont@givry.fdupont.fr)
Message-Id: <201508101504.t7AF4sxh011269@givry.fdupont.fr>
From: Francis Dupont <Francis.Dupont@fdupont.fr>
To: 神明達哉 <jinmei@wide.ad.jp>
In-reply-to: Your message of Tue, 28 Jul 2015 05:27:25 +0900. <CAJE_bqd_=EXU6FiozR_AWEapSxzgZBei5enKh6snNwE+Sgcy3w@mail.gmail.com>
Date: Mon, 10 Aug 2015 17:04:54 +0200
Sender: Francis.Dupont@fdupont.fr
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/0UuDJDNxlyHvLg4Z7vbV50O_mbQ>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>
Subject: Re: [dhcwg] Additional feedback on secure DHCPv6 draft
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 15:07:44 -0000
In your previous mail you wrote: > At Mon, 20 Jul 2015 16:03:33 +0200, > Francis Dupont <Francis.Dupont@fdupont.fr> wrote: > > > > A big question that probably should be answered in the introduction or > > > under security considerations is "what security vulnerabilities are we > > > trying to mitigate?". > [...] > > > Given all that, what are the threats? > > > > => for me the main 2 examples is the guy which tries to get your address > > (i.e., inpersonate your application server) and the bad guy which > > releases your address (i.e., basic denial of service). > > These can be prevented with the existing RFC3315 authentication > mechanism. So we'd need to explain why we need to introduce a new > mechanism to prevent them. To that end, and in my understanding of > previous discussions, all we can say is this: => both (RFC 3315 auth and secure DHCPv6) are security mechanisms (so they can prevent the same kind of attacks) but they are not equivalent from the deployment/usage point of view. > > But in fact the goal is to raise the DHCPv6 security from its current > > level (i.e., nearly no usable security at all) to a point where it is > > not too ridiculous compared to SEND (RFC 3971). > > but unless we show how we can practically integrate PKI (or some other > way for public key distribution/sharing) with secure DHCPv6, => I believe we have today enough proofs if we put this on the secure DHCPv6 boat it won't float... > I'm not sure how we can move forward from this point. I'm pessimistic > about revising the document so it can show the integration of PKI or > more persuading scenarios of TOFU based on the history of this > document. => I am pessimistic too: I think we should keep this outside the document and address it when we'll have real world deployment/usage. Regards Francis.Dupont@fdupont.fr PS: there should be other messages about secure DHCPv6: I was on holidays 2 weeks after the IETF meeting.
- [dhcwg] Additional feedback on secure DHCPv6 draft Brian Haberman
- Re: [dhcwg] Additional feedback on secure DHCPv6 … Bernie Volz (volz)
- Re: [dhcwg] Additional feedback on secure DHCPv6 … Francis Dupont
- Re: [dhcwg] Additional feedback on secure DHCPv6 … Sheng Jiang
- Re: [dhcwg] Additional feedback on secure DHCPv6 … 神明達哉
- Re: [dhcwg] Additional feedback on secure DHCPv6 … Francis Dupont