[dhcwg] IESG Discusses/Comments on draft-ietf-dhc-dhcpv6-subid-00.txt
"Bernie Volz \(volz\)" <volz@cisco.com> Fri, 20 January 2006 17:13 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EzzpC-0007lH-EO; Fri, 20 Jan 2006 12:13:22 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EzzpB-0007l4-HQ; Fri, 20 Jan 2006 12:13:21 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA01392; Fri, 20 Jan 2006 12:11:53 -0500 (EST)
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Ezzxx-0003er-AY; Fri, 20 Jan 2006 12:22:25 -0500
Received: from sj-core-5.cisco.com ([171.71.177.238]) by sj-iport-3.cisco.com with ESMTP; 20 Jan 2006 09:13:04 -0800
X-IronPort-AV: i="4.01,206,1136188800"; d="scan'208"; a="394261623:sNHT1441118274"
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id k0KHCwkH027792; Fri, 20 Jan 2006 09:13:03 -0800 (PST)
Received: from xmb-rtp-20a.amer.cisco.com ([64.102.31.15]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Fri, 20 Jan 2006 12:13:01 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Fri, 20 Jan 2006 12:13:00 -0500
Message-ID: <8E296595B6471A4689555D5D725EBB21011FDFFD@xmb-rtp-20a.amer.cisco.com>
Thread-Topic: IESG Discusses/Comments on draft-ietf-dhc-dhcpv6-subid-00.txt
Thread-Index: AcYd5MPPVh291HrURnuRShdWfBNwBw==
From: "Bernie Volz (volz)" <volz@cisco.com>
To: iesg@ietf.org, dhcwg@ietf.org
X-OriginalArrivalTime: 20 Jan 2006 17:13:01.0272 (UTC) FILETIME=[C47A0D80:01C61DE4]
X-Spam-Score: 2.2 (++)
X-Scan-Signature: c83ccb5cc10e751496398f1233ca9c3a
Content-Transfer-Encoding: quoted-printable
Cc:
Subject: [dhcwg] IESG Discusses/Comments on draft-ietf-dhc-dhcpv6-subid-00.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org
The following DISCUSSED and COMMENTS were raised during IESG review of /draft-ietf-dhc-dhcpv6-subid-00.txt (see https://datatracker.ietf.org/public/pidtracker.cgi?command=print_ballot& ballot_id=1835&filename=draft-ietf-dhc-dhcpv6-remoteid): DISCUSSES AND COMMENTS: ====================== Brian Carpenter: Comment [2005-11-29]: I did wonder whether reference [4] shouldn't be normative. Ted Hardie: Comment [2005-11-29]: I agree with Brian that [4] is probably normative, as it is a normative reference in RFC3993, which is noted as a source document in the Acknowledgements. This seems like something that can be fixed in AUTH48, though. --- MY RESPONSE: I have no issue in moving this into the normative references (provided we keep the NVT ASCII format). --- Allison Mankin: Comment [2005-12-01]: No further objection, but I agree with Mark, this one needs highlighted security comments - not just the usual pointer to the weak security of DHCP. I think DHCP needs an a document like DNS's RFC 3833, which might stimulate some action towards work about DHCP spoof prevention which is not otherwise happening. --- MY RESPONSE: See below (Mark's comments). There was a draft on DHCP security issues that has long since expired. Perhaps the DHC WG should reactive this draft. --- Mark Townsley: Discuss [2005-11-30]: This is a "subscriber ID" used for roaming between access points, apparantly sent in the clear. It seems to me that there should be some mention in the security considerations section that if this value is snooped, it could be used to aid in hijacking service of the subscriber. --- MY RESPONSE: This option is NOT used by clients. It is used between relay agents and servers only. Thus, there is no issue regarding roaming (unless of course the relay agents and servers are in different administrative domains, but in this case there is likely some agreement between these domains and the relay would likely only forward the information to the appropriate server(s)). --- Bert Wijnen: Discuss [2005-12-01]: Again I wonder how this document (targeted at standards track) helps STANDARDIZE anything. - the semantic information in the subscriber-ID string is vendor specicic (without even a way to indicate which vendor it is coming from)?? - a relay agent MAY insert such a subscriebr-ID - a server MAY do something or nothing. And besides that, to make a subscriber-ID NVT ASCII seems very USA centric --- MY RESPONSE: Just as I proposed with draft-ietf-dhc-dhcpv6-remoteid-00.txt, we could insert the enterprise-id in the option data and thus the semantic information is enterprise specific. We could also remove the requirement to make this NVT-ASCII and leave it to the enterprise to define. However, this requirement was based on the DHCPv4 version (see RFC 3993). Perhaps we change the wording to suggest NVT-ASCII, but leave it for the enterprise to decide what is best for their needs. There is no requirement that relay agents insert these options. This is the whole idea behind options -- they are, in general, OPTIONAL. If a relay agent is configured to insert this and it has the information to insert, it will do so. As this option is for use between relay agents and servers, these are typically in the same administrative domain and thus to be useful, relay agents and servers that support this must be purchased if the domain intends to use this capability. --- - Bernie _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] IESG Discusses/Comments on draft-ietf-dhc… Bernie Volz (volz)
- Re: [dhcwg] IESG Discusses/Comments on draft-ietf… Ted Lemon
- [dhcwg] RE: IESG Discusses/Comments on draft-ietf… Wijnen, Bert (Bert)
- [dhcwg] RE: IESG Discusses/Comments on draft-ietf… Bernie Volz (volz)
- RE: [dhcwg] IESG Discusses/Comments on draft-ietf… Bernie Volz (volz)
- Re: [dhcwg] IESG Discusses/Comments on draft-ietf… Ted Lemon
- [dhcwg] RE: IESG Discusses/Comments on draft-ietf… Wijnen, Bert (Bert)
- [dhcwg] RE: IESG Discusses/Comments on draft-ietf… Bernie Volz (volz)