Re: [dhcwg] Kathleen Moriarty's No Objection on draft-ietf-dhc-rfc3315bis-10: (with COMMENT)

Tomek Mrugalski <> Thu, 25 January 2018 03:39 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9A2F712E051; Wed, 24 Jan 2018 19:39:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id yL1K_3Mpy86j; Wed, 24 Jan 2018 19:39:48 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4010:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5BE9912E048; Wed, 24 Jan 2018 19:39:48 -0800 (PST)
Received: by with SMTP id t139so8002465lff.0; Wed, 24 Jan 2018 19:39:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=RcO7zJNPMNz44rn1FeglAZFwiE572ueYEuESvjLu6wk=; b=HXRARdyiq8+VpSkaOzejLe2jLnD1LfRGBnj4xpvnd3Bd53VseFLgt7Gr1/NSzcEncj C1CIRzSrswtUUspoKGGKD8K1Yer7MpbawWFLl/3J3bSeuWJeR716E5e0jHCVgDjSRmhW VwWZTfFWPFOP3sUR2HkxdORxwAfKLRB7hZdlkWwYU7jDuhFAKyplZaJM4VSST+0decRp vd8t6rP5VmTbOa5Dw24xv07SRpHJTTdsY+rWcYHc7P2icJsxPPWm4RYdwvScRxoIDchS zhhbH8jksA0Xwh1PSX4RZuRyezgU7lvZn5Sh8IarwLYUB3v55VM0V7DEB6FR2aBOHbF1 jriQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=RcO7zJNPMNz44rn1FeglAZFwiE572ueYEuESvjLu6wk=; b=tyNWViamA+yMT9MP4l9GRlCCqKfJuT70Hj1UFy5CYL3A0z8NKKPzR+PUy1XvE6pQHM kyTzKURvPpOO6P64QiN78amlyWpoqDJGZraa6Xg9OS85fLHaO/la3bJckeb0mI6L1ZVC fTQRONuNki/5Zi/vWYfCsL2Ir1aJw65/qdZWywE2XnW+ppe25B4MHYygqRQAhirUr1O9 EbSttiphUYZ/RZRHg3nRwRL30RVJpXhhxZnOJAtEYukAjvMz016dy5IYz/K2lq8HUypH LXK+jJBZYtx92YOeMFxfdlQ2JVyXplQIS9dJhV202++L98DX6S927in2SrOYyxO3Z7Vf 95Og==
X-Gm-Message-State: AKwxytc5w8yM1KfQxVwqMwZ4M2Vvr8SGmuvN+1Enz4aSxZvs7SQV+NLa JQDGZgoBnirA8lVXORp2B5g3913/
X-Google-Smtp-Source: AH8x225avbbtWdd/koX7fDMToFaWSol5cp35wgQgoxRI1vey+poI3Tvz/OK5JFfNpRnYTdlkIl/0/A==
X-Received: by with SMTP id s141mr4342415lfs.15.1516851586279; Wed, 24 Jan 2018 19:39:46 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id e72sm830361lfi.56.2018. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jan 2018 19:39:45 -0800 (PST)
To: Kathleen Moriarty <>, The IESG <>
Cc:, Ralph Droms <>,,
References: <>
From: Tomek Mrugalski <>
Message-ID: <>
Date: Thu, 25 Jan 2018 04:39:42 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [dhcwg] Kathleen Moriarty's No Objection on draft-ietf-dhc-rfc3315bis-10: (with COMMENT)
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 25 Jan 2018 03:39:50 -0000

On 01/23/18 17:28, Kathleen Moriarty wrote:
> Kathleen Moriarty has entered the following ballot position for
> draft-ietf-dhc-rfc3315bis-10: No Objection
Thanks for your review and your vote. See my comments below.

> The document, along with other ballot positions, can be found here:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> Thanks for your work updating this draft.  I'd like to see the lack of
> encryption from client to server explicitly mentioned in the security
> considerations section.  Hijacking, tampering, and eavesdropping attacks are
> all possible as a result.
Ok. Will add appropriate text.

> I also agree with the SecDir reviewer (Kyle Rose) comments and recommendations,
> but saw your response to Eric's comments in that a draft to move from MD5 was
> dropped.  It would be good to see how we can better secure this protocol is a
> practical and deployable way.
Yes, that's most unfortunate. The sedhcpv6 draft was active since 2013.
It went through a total of 25 revisions, multiple discussions,
brainstorm sessions, an interop, a hackathon and even different teams of
authors. Sadly, in the end the WG couldn't agree on the set of problems
that are to be solved, much less how to solve them.