[dhcwg] Two approaches to DHCP privacy
Christian Huitema <huitema@microsoft.com> Tue, 10 March 2015 21:22 UTC
Return-Path: <huitema@microsoft.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C5301A8A4B for <dhcwg@ietfa.amsl.com>; Tue, 10 Mar 2015 14:22:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8Wp1HelSRFDo for <dhcwg@ietfa.amsl.com>; Tue, 10 Mar 2015 14:22:58 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0719.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::719]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C04301A8A5F for <dhcwg@ietf.org>; Tue, 10 Mar 2015 14:22:57 -0700 (PDT)
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com (25.160.96.17) by DM2PR0301MB0654.namprd03.prod.outlook.com (25.160.96.16) with Microsoft SMTP Server (TLS) id 15.1.106.15; Tue, 10 Mar 2015 21:22:39 +0000
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com ([25.160.96.17]) by DM2PR0301MB0655.namprd03.prod.outlook.com ([25.160.96.17]) with mapi id 15.01.0106.007; Tue, 10 Mar 2015 21:22:39 +0000
From: Christian Huitema <huitema@microsoft.com>
To: "dhcwg@ietf.org" <dhcwg@ietf.org>
Thread-Topic: Two approaches to DHCP privacy
Thread-Index: AdBbdqPT2paZ8PrMR46HLFo2F6GF+Q==
Date: Tue, 10 Mar 2015 21:22:39 +0000
Message-ID: <DM2PR0301MB065504641ED5B76A7915A292A8180@DM2PR0301MB0655.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e0:ee43::5]
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB0654;
x-microsoft-antispam-prvs: <DM2PR0301MB0654068194007B8DF867F49CA8180@DM2PR0301MB0654.namprd03.prod.outlook.com>
x-forefront-antispam-report: BMV:1; SFV:NSPM; SFS:(10019020)(6009001)(2501003)(2900100001)(2656002)(40100003)(102836002)(33656002)(62966003)(450100001)(74316001)(15975445007)(46102003)(110136001)(54356999)(92566002)(107886001)(99286002)(86612001)(122556002)(50986999)(2351001)(77156002)(76576001)(87936001)(229853001)(86362001)(19580395003)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB0654; H:DM2PR0301MB0655.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(5005006)(5002009); SRVR:DM2PR0301MB0654; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0301MB0654;
x-forefront-prvs: 051158ECBB
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.onmicrosoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Mar 2015 21:22:39.4026 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0301MB0654
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/5_JM-AJsphI_YHceHA9AOWosM1c>
Subject: [dhcwg] Two approaches to DHCP privacy
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Mar 2015 21:22:59 -0000
We know have two drafts addressing DHCP privacy: http://www.ietf.org/internet-drafts/draft-yiu-dhc-dhcpv6-sa-00.txt and http://www.ietf.org/internet-drafts/draft-huitema-dhc-anonymity-profile-01.txt. Just in case there is confusion, I want to point out that these two drafts are addressing different scenarios. The "dhcpv6-sa" draft proposes establishing a secure association between client and DHCPv6 server; use of encryption prevents leakage of information to third parties, and thus mitigates the corresponding privacy issues. Of course, the secure association provides full access to the information to both client and server. The secure association solution addresses the scenario when the client trusts the server. My "anonymity" draft addresses a different scenario, when the client is visiting an untrusted network and does not want to provide identifying data to anyone on that network, including to the server. The solution there is to "randomize" most of the data provided to the server, so it could not be used to track the client. Two different scenarios, two solutions. -- Christian Huitema
- [dhcwg] Two approaches to DHCP privacy Christian Huitema
- Re: [dhcwg] Two approaches to DHCP privacy Linhui Sun