[dhcwg] seDHCPv6 update and next steps ...

"Bernie Volz (volz)" <volz@cisco.com> Wed, 12 July 2017 20:30 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 8973D1317B4 for <dhcwg@ietfa.amsl.com>; Wed, 12 Jul 2017 13:30:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id gI2u5Z5jhhv9 for <dhcwg@ietfa.amsl.com>; Wed, 12 Jul 2017 13:30:22 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9A181317B7 for <dhcwg@ietf.org>; Wed, 12 Jul 2017 13:30:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10644; q=dns/txt; s=iport; t=1499891422; x=1501101022; h=from:to:subject:date:message-id:mime-version; bh=avJ4dh3Sc7+AYDFq5wKxdwElNdyUYsdVwXvR+LlZiHM=; b=G0HDsSbkC/El9f51DQTZb7EIeLAXOFldmCGM8BYykZNoG9CGOIQcNmbk lSMDUFG8wUPj53pIy4ZprFVvRiWyhjbde2YjSQsuAuQctwN7Zp+mPlaGh xkw3gq44+0LsaxEHCfMPzfNxMsV+6KmqUsfdkyXRL/NW63dd4hSDOIb35 c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0C/AgD+hWZZ/4MNJK1eGwEBAQMBAQEJA?= =?us-ascii?q?QEBgm9rZIEbsEqFLIIRiUlBFgECAQEBAQEBAWsohUxBHQGBACYBBAEaiUNksAO?= =?us-ascii?q?LIgEBAQEBAQQBAQEBAQEigyiBYZFPBZ8oApQEghWQGYlDjA0BJQExgQp1FUmHF?= =?us-ascii?q?ohCgQ0BAQE?=
X-IronPort-AV: E=Sophos;i="5.40,351,1496102400"; d="scan'208,217";a="267399106"
Received: from alln-core-1.cisco.com ([]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 12 Jul 2017 20:30:21 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com []) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id v6CKULZw027014 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 12 Jul 2017 20:30:21 GMT
Received: from xch-aln-003.cisco.com ( by XCH-RCD-002.cisco.com ( with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 12 Jul 2017 15:30:20 -0500
Received: from xch-aln-003.cisco.com ([]) by XCH-ALN-003.cisco.com ([]) with mapi id 15.00.1210.000; Wed, 12 Jul 2017 15:30:20 -0500
From: "Bernie Volz (volz)" <volz@cisco.com>
To: "draft-ietf-dhc-sedhcpv6@tools.ietf.org" <draft-ietf-dhc-sedhcpv6@tools.ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>
Thread-Topic: seDHCPv6 update and next steps ...
Thread-Index: AdL7TPjzgLDuRsMjTzK32MYQ2IpqqA==
Date: Wed, 12 Jul 2017 20:30:20 +0000
Message-ID: <4775705423554cc39360724881251abe@XCH-ALN-003.cisco.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_4775705423554cc39360724881251abeXCHALN003ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/8OHeFc6JmR0o0ARDSmfHuNrD5Ig>
Subject: [dhcwg] seDHCPv6 update and next steps ...
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jul 2017 20:30:25 -0000


There has been some discussion (most recently off the dhcwg mailing list) about the sedhcpv6 draft.

Previously, as discussed on the dhcwg mailing list a while back, there are some issues with the current draft (including the encryption issue; the key can't be used to encrypt more data than the size of the key). And, while some of the co-authors have communicated recently, others have been quiet and it is not clear what the level of interest for each is in continuing. This work has sadly had a long road with several turns already.

The discussion raised the question as to what the goals of this work should be. Some feel that we need to step back and first develop a "requirements document" to clearly detail what the goals of a securing DHCPv6 should be (for example, was the fairly recent push to add encryption appropriate?).

Thus, Tomek and I feel that it would be worth having an interested group meet before the IETF-99 DHC WG session (which is on Wednesday, 7/19 afternoon) to discuss this so that we could formulate a strategy. If you have interest, let us know. We propose to meet on Sunday at 14:00 (CEST) in Chez Louis (Hackathon) room - we can find a table there, or look for another place. (If there is remote participation interest, let us know and we'll see what we might be able to accommodate.)

We may also have extra time in the DHC WG session to discuss in detail there, but it could be helpful to have one or more proposals and, if we get the slides out quickly, give people some time to think about it before the WG session.

-          Bernie and Tomek