Re: [dhcwg] What sorts of services does DHCP configure?

Ted Lemon <ted.lemon@nominum.com> Thu, 17 October 2013 13:54 UTC

Return-Path: <Ted.Lemon@nominum.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEA8021F9C4F for <dhcwg@ietfa.amsl.com>; Thu, 17 Oct 2013 06:54:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.591
X-Spam-Level:
X-Spam-Status: No, score=-106.591 tagged_above=-999 required=5 tests=[AWL=0.008, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yXym8PMvhnPt for <dhcwg@ietfa.amsl.com>; Thu, 17 Oct 2013 06:54:22 -0700 (PDT)
Received: from exprod7og102.obsmtp.com (exprod7og102.obsmtp.com [64.18.2.157]) by ietfa.amsl.com (Postfix) with ESMTP id 5B58021F9C10 for <dhcwg@ietf.org>; Thu, 17 Oct 2013 06:54:22 -0700 (PDT)
Received: from shell-too.nominum.com ([64.89.228.229]) (using TLSv1) by exprod7ob102.postini.com ([64.18.6.12]) with SMTP ID DSNKUl/sDte9iWc/mfpxzSp7YMrM4XxeCeA6@postini.com; Thu, 17 Oct 2013 06:54:22 PDT
Received: from archivist.nominum.com (archivist.nominum.com [64.89.228.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by shell-too.nominum.com (Postfix) with ESMTP id E1C0A1B81D8 for <dhcwg@ietf.org>; Thu, 17 Oct 2013 06:54:18 -0700 (PDT)
Received: from webmail.nominum.com (cas-01.win.nominum.com [64.89.228.131]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "mail.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by archivist.nominum.com (Postfix) with ESMTPS id CF3E119005C; Thu, 17 Oct 2013 06:54:18 -0700 (PDT) (envelope-from Ted.Lemon@nominum.com)
Received: from [10.0.10.40] (192.168.1.10) by CAS-01.WIN.NOMINUM.COM (192.168.1.100) with Microsoft SMTP Server (TLS) id 14.3.158.1; Thu, 17 Oct 2013 06:54:18 -0700
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0 (Mac OS X Mail 7.0 \(1812\))
From: Ted Lemon <ted.lemon@nominum.com>
In-Reply-To: <5D36713D8A4E7348A7E10DF7437A4B923AD49A8B@nkgeml512-mbx.china.huawei.com>
Date: Thu, 17 Oct 2013 09:54:15 -0400
Content-Transfer-Encoding: quoted-printable
Message-ID: <85FE4890-3622-423E-95A8-BB528B1FA23B@nominum.com>
References: <0CAF13FF2DE695F55BFEEB8BD88E542A@thehobsons.co.uk> <489D13FBFA9B3E41812EA89F188F018E1AD1E42C@xmb-rcd-x04.cisco.com> <5D36713D8A4E7348A7E10DF7437A4B923AD49863@nkgeml512-mbx.china.huawei.com> <8E7FD62B-550F-4A71-AF31-1B2DCB53AF0F@nominum.com> <5D36713D8A4E7348A7E10DF7437A4B923AD499E3@nkgeml512-mbx.china.huawei.com> <6B818FA6-79AD-41DA-93C0-47556DFD18E7@nominum.com> <5D36713D8A4E7348A7E10DF7437A4B923AD49A8B@nkgeml512-mbx.china.huawei.com>
To: Sheng Jiang <jiangsheng@huawei.com>
X-Mailer: Apple Mail (2.1812)
X-Originating-IP: [192.168.1.10]
Cc: "dhcwg@ietf.org WG" <dhcwg@ietf.org>, "Bernie Volz \(volz\)" <volz@cisco.com>
Subject: Re: [dhcwg] What sorts of services does DHCP configure?
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Oct 2013 13:54:29 -0000

On Oct 17, 2013, at 1:42 AM, Sheng Jiang <jiangsheng@huawei.com> wrote:
> Why DHC WG cannot say no to what should not be in DHC? If that's the case, we have no points to discuss here what should or should not be configured using DHC protocol. People will keep to "borrow" DHCP for their unsuitable purposes as long as they do not have another suitable protocol.

The DHCP Directorate, when I get around to making it happen (Bernie and Tomek have already done the hard work) will in fact do reviews of this sort.   But we really can't say "don't do this" to things that don't change the DHCP protocol itself, and even then it has to be a consensus process, not a veto.   What we can say is "that's usually going to be a bad idea, and shouldn't be done except in restricted cases, because of these security risks."