Re: [dhcwg] DHCP hackathon in Prague: SeDHCPv6

Ted Lemon <mellon@fugue.com> Wed, 07 June 2017 19:26 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2901E12948F for <dhcwg@ietfa.amsl.com>; Wed, 7 Jun 2017 12:26:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id avk5PdZgHVIP for <dhcwg@ietfa.amsl.com>; Wed, 7 Jun 2017 12:26:32 -0700 (PDT)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA25D127698 for <dhcwg@ietf.org>; Wed, 7 Jun 2017 12:26:32 -0700 (PDT)
Received: by mail-qt0-x22b.google.com with SMTP id u19so17880856qta.3 for <dhcwg@ietf.org>; Wed, 07 Jun 2017 12:26:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=YiQ/mtEgu91Mo+n9LA/4baaeYTvK8a0+pwuvEpQu5Ao=; b=NakyHCCByrZeHmmhtR4bjyRodRYMWOs+iAxBJaRwUUWKNj4zYfowMmbzqtyFC7pn0H vYnBA1Agra/IGBhLm9EdhXd1c/LtAwouVpAYGMdSICjjjDwuhcHRUslED1xFCZ1htDdh 6Mzk02v6AEX6PcOhIivmwXXzsU3Ltfn/LBmYCCgDr/k+SxUGwRcbGAi9D6SjkoZ01Ewc WBxEg0/EPWz0P4vC0SvfgSSpgZMLCGX7At9HRmKh+w11g1bn+szlPNO++mKg2kXKyKhe BRi/kbLd/sYNIl5U6dOHJQV3DTUn+YTfrsHqJI57hXmFGx3f9B+Vg6HK1uuFDE0xj8lb 4Ovg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=YiQ/mtEgu91Mo+n9LA/4baaeYTvK8a0+pwuvEpQu5Ao=; b=mMbVIoiuVSBJ29FuP8byRheY6nZDz/qkyq3/+l23/Tbm4AKpnKlw8l7b/PNnwl/rnv DW3toKnJMfNi1iWFhr2xda922Ag7486tuPb/0X/itgUUST6weZQ0M+Jzq1XzBmrPZuOG WsYVMGQe4CJf1k6l+hvAZW4O0fNGKIWLwLbAp2hgXg80HVOQvpaIPoBWv7beFIR7JNXK 6vatmpugBsL/6mhKLvtM5QhrNNeqlyvkrHcc3pyYV5Aa1YJsVt8HauLHVqgKsRC5z7KT j4jqBaG/73Ar27bVUzl0DLZa1thCV5D9z6e3DcS3uboYIpGj9w+gykK+FKPVYHjQg261 A1vg==
X-Gm-Message-State: AODbwcC6de215jDbff9slRdzYSck3IJka/j8LJoyLofiBhuODup0TYlB aZLHxY3J0nFm+EXt
X-Received: by 10.200.56.230 with SMTP id g35mr33704429qtc.79.1496863591831; Wed, 07 Jun 2017 12:26:31 -0700 (PDT)
Received: from [10.0.30.228] (c-73-167-64-188.hsd1.ma.comcast.net. [73.167.64.188]) by smtp.gmail.com with ESMTPSA id n35sm1632050qtc.55.2017.06.07.12.26.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Jun 2017 12:26:31 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <345449A2-D651-421A-8695-E77606C513F1@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_7ECC46D5-08C4-4677-8344-D7F5C7A4911D"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 07 Jun 2017 15:26:30 -0400
In-Reply-To: <201706071908.v57J8lqg062133@givry.fdupont.fr>
Cc: Tomek Mrugalski <tomasz.mrugalski@gmail.com>, dhcwg@ietf.org
To: Francis Dupont <Francis.Dupont@fdupont.fr>
References: <201706071908.v57J8lqg062133@givry.fdupont.fr>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/0dOhvIfpLbZjUY7Cl2m7fc-wD5M>
Subject: Re: [dhcwg] DHCP hackathon in Prague: SeDHCPv6
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2017 19:26:34 -0000

On Jun 7, 2017, at 3:08 PM, Francis Dupont <Francis.Dupont@fdupont.fr> wrote:
> In the case of opportunistic
> IPsec/IKE it could be more DHCP features or if we are lucky some
> profiles...

Suppose I want to code up a DHCP client that uses IPsec on the Mac.   What API do I use?   Since encryption is now being done in the network stack, I don't have the option of not using an API.   AFAIK, no such API exists.   I'm choosing the Mac specifically because I haven't been able to find documentation for one there—I know I can do it on Linux.