[dhcwg] review of draft-ietf-dhc-sedhcpv6-02.txt

Francis Dupont <Francis.Dupont@fdupont.fr> Fri, 13 June 2014 14:14 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/0dzYPMAhgn_DCTHONFm4_ajPkUw

My colleague and DHC WG chair Tomasz (aka Tomek) Mrugalski asked me
to review the last version of the Secure DHCPv6 document.
First it is far better than the very first version (obviously
the recommendation to look at SeND (RFC 3971) was useful :-),
and (I checked at the last IETF meeting) there is no claimed IPR
about it.

Unfortunately it is still far from being ready, for instance
the section 5.1 Public Key Option page 7 is fully wrong, even
in its example (an RSA public key has a second component, the
public exponent).

But my main concern is the applicability of the certificate stuff
(*public key* certificate BTW). The issue is either the node has
full access to the PKI and a pointer (e.g., IKEv2 URI and hash)
is simpler/better, or a mechanism has to provide the trust anchor,
the certificate chain and CRLs, etc. It was done in SeND the (very)
hard way...

In the case of secure DHCPv6 IMHO it should be more efficient
to postpone the certificate stuff, so I propose:
 - drop the certificate option
 - adopt for the public key the DNSKEY wire format (it is known to
  work, has very similar constraints, and code already exists)
 - in the signature option, merge the HAsh and SignAture IDs
  into a single 16 bit ID taken for instance from the RRSIG.
 - add a provision for nodes without access to a UTC real clock
  (BTW SeND was written before the emergence of mobile hardware
   with very bad real clocks, cf. a discussion in the PCP WG with
   some NTP people).

Among the good things to keep: timestamps (IMHO the anti-replay should
be promoted in the introduction), the leap of faith mode (oops,
replace everywhere model by mode), etc.

Regards

Francis.Dupont@fdupont.fr

PS: for the authors: I have a lot of minor technical and editorial
comments in case you want them before the next version?
(please ask at fdupont@isc.org)
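
Added example, not part of the original message or of the draft: a sketch of the DNSKEY wire format proposed above, with the RSA key field laid out as in RFC 3110, showing that the public exponent travels with the modulus and that one algorithm number names both hash and signature. The function names and the sample modulus are constructed for illustration.

```python
import struct

# DNSSEC algorithm numbers (IANA registry) for RSA: one ID covers hash + signature.
RSA_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}

# Constructed 1024-bit odd integer, NOT a real RSA modulus; sample input only.
SAMPLE_MODULUS = (1 << 1023) + 0x1234567


def encode_rsa_key(exponent: int, modulus: int) -> bytes:
    """RFC 3110 key field: exponent length, exponent, then modulus."""
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    n = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    # One length octet, or a zero octet followed by a 16-bit length.
    prefix = bytes([len(e)]) if len(e) <= 255 else b"\x00" + struct.pack("!H", len(e))
    return prefix + e + n


def encode_dnskey(flags: int, algorithm: int, key: bytes) -> bytes:
    """DNSKEY RDATA: flags (16 bits), protocol (always 3), algorithm, key."""
    return struct.pack("!HBB", flags, 3, algorithm) + key


def parse_dnskey_rsa(rdata: bytes) -> dict:
    """Parse DNSKEY RDATA carrying an RSA key; reject malformed input."""
    if len(rdata) < 5:
        raise ValueError("DNSKEY RDATA too short")
    flags, protocol, algorithm = struct.unpack("!HBB", rdata[:4])
    if protocol != 3:
        raise ValueError("protocol field must be 3")
    if algorithm not in RSA_ALGORITHMS:
        raise ValueError("not an RSA algorithm number")
    key = rdata[4:]
    elen, off = key[0], 1
    if elen == 0:  # long form: next two octets hold the exponent length
        if len(key) < 3:
            raise ValueError("truncated exponent length")
        elen, off = struct.unpack("!H", key[1:3])[0], 3
    if elen == 0 or off + elen >= len(key):
        raise ValueError("exponent or modulus missing")
    exponent = int.from_bytes(key[off:off + elen], "big")
    modulus = int.from_bytes(key[off + elen:], "big")
    return {"flags": flags, "algorithm": RSA_ALGORITHMS[algorithm],
            "exponent": exponent, "modulus": modulus, "bits": modulus.bit_length()}


if __name__ == "__main__":
    rdata = encode_dnskey(256, 8, encode_rsa_key(65537, SAMPLE_MODULUS))
    print(parse_dnskey_rsa(rdata))
```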