Re: [dhcwg] Two approaches to DHCP privacy
Linhui Sun <lh.sunlinh@gmail.com> Wed, 11 March 2015 03:29 UTC
Return-Path: <lh.sunlinh@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C2A71AC3A1 for <dhcwg@ietfa.amsl.com>; Tue, 10 Mar 2015 20:29:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w1JoK_QjkKQV for <dhcwg@ietfa.amsl.com>; Tue, 10 Mar 2015 20:29:27 -0700 (PDT)
Received: from mail-lb0-x22b.google.com (mail-lb0-x22b.google.com [IPv6:2a00:1450:4010:c04::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5405C1A007B for <dhcwg@ietf.org>; Tue, 10 Mar 2015 20:29:27 -0700 (PDT)
Received: by lbvp9 with SMTP id p9so6069754lbv.8 for <dhcwg@ietf.org>; Tue, 10 Mar 2015 20:29:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=XTATRzEQ1UruHEWnad3zEcEFUyle8MiHhiHd1eQlhdY=; b=djaivQKqPIMes5k18OFew62tR7idIS9GlzWX7/8JDg/LRfYK0ugKtGZIP9Ko4rDJpF mbBpw2ZYnDqnzYUPp6KdH2TN3FpJhrm746HXGxyaMrKUA804jBHNiWdVQAkLUeUtXPSp 0Iphja+iJQWK6+BAdG+OKW2WN+h8WiSXgzOg7TBmu0h6XGvOm8Py2SzDt/GZUBzs9XIi Fyac6xYgEMTZLeeV6dckqZY5E5xmHZIJ3ib+aTTgjaEb/+RYUHV4sOATD/lYnOPshVt8 1wHCtG2ueOnDFyenKAnJGCZexhmyxSqKZGcofF1gDPmcKq0gvhKh8al1mrG18Ata6Rw6 2/2A==
MIME-Version: 1.0
X-Received: by 10.152.219.2 with SMTP id pk2mr32432638lac.107.1426044565770; Tue, 10 Mar 2015 20:29:25 -0700 (PDT)
Received: by 10.114.200.76 with HTTP; Tue, 10 Mar 2015 20:29:25 -0700 (PDT)
In-Reply-To: <DM2PR0301MB065504641ED5B76A7915A292A8180@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <DM2PR0301MB065504641ED5B76A7915A292A8180@DM2PR0301MB0655.namprd03.prod.outlook.com>
Date: Wed, 11 Mar 2015 11:29:25 +0800
Message-ID: <CAO_YpraGWcwrJ6xOi2zTRLyNfunT0HNhuPF9eWnyfuV2WK_xcg@mail.gmail.com>
From: Linhui Sun <lh.sunlinh@gmail.com>
To: Christian Huitema <huitema@microsoft.com>
Content-Type: multipart/alternative; boundary="001a1134188cc6d7dc0510fadf61"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/9Ke4Do_tm-6nD7-_zKAQ6jPCvdQ>
Cc: dhcwg@ietf.org
Subject: Re: [dhcwg] Two approaches to DHCP privacy
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Mar 2015 03:29:29 -0000
Hi, Christian Many thanks for pointing out the differences. Something that I want to make it clear is that the "dhcpv6-sa" design does not include encryption as a mandatory solution. The general idea is to build a trusted relationship between client and server before standard DHCPv6 process. If they agree to use encryption in the following communications, they could do. In the current version, we mentioned encryption as an optional further solution since we are not sure whether the WG has a requirement to add confidentiality to the DHCPv6 transactions. If the requirement exists, we could propose another document to define the encryption pattern. Thus, more precisely, the current "dhcpv6-sa" addresses the scenario when the client desires to find a trusted server. As for your "anonymity" design, I read it briefly and will make a thorough review later. I think minimizing data is always the best way. Here's one question, do you think it is better to separate DHCPv4 part and DHCPv6 part? Best Regards, Linhui 2015-03-11 5:22 GMT+08:00 Christian Huitema <huitema@microsoft.com>: > We know have two drafts addressing DHCP privacy: > http://www.ietf.org/internet-drafts/draft-yiu-dhc-dhcpv6-sa-00.txt and > http://www.ietf.org/internet-drafts/draft-huitema-dhc-anonymity-profile-01.txt > . > > Just in case there is confusion, I want to point out that these two drafts > are addressing different scenarios. > > The "dhcpv6-sa" draft proposes establishing a secure association between > client and DHCPv6 server; use of encryption prevents leakage of information > to third parties, and thus mitigates the corresponding privacy issues. Of > course, the secure association provides full access to the information to > both client and server. The secure association solution addresses the > scenario when the client trusts the server. > > My "anonymity" draft addresses a different scenario, when the client is > visiting an untrusted network and does not want to provide identifying data > to anyone on that network, including to the server. The solution there is > to "randomize" most of the data provided to the server, so it could not be > used to track the client. > > Two different scenarios, two solutions. > > -- Christian Huitema > > _______________________________________________ > dhcwg mailing list > dhcwg@ietf.org > https://www.ietf.org/mailman/listinfo/dhcwg >
- [dhcwg] Two approaches to DHCP privacy Christian Huitema
- Re: [dhcwg] Two approaches to DHCP privacy Linhui Sun