Re: [dhcwg] Re: Authentication of DHCP Relay Agent Options Using IPsec
Michael Richardson <mcr@sandelman.ottawa.on.ca> Wed, 12 October 2005 15:11 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EPiGG-0004ha-Km; Wed, 12 Oct 2005 11:11:20 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EJuXd-0004s2-1m for dhcwg@megatron.ietf.org; Mon, 26 Sep 2005 11:05:17 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA05144 for <dhcwg@ietf.org>; Mon, 26 Sep 2005 11:05:11 -0400 (EDT)
Received: from cod.sandelman.ca ([192.139.46.139] helo=lists.sandelman.ca) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EJueb-00006L-JW for dhcwg@ietf.org; Mon, 26 Sep 2005 11:12:31 -0400
Received: from sandelman.ottawa.on.ca (CPE0080c8d59fa8-CM0011aea1b6fc.cpe.net.cable.rogers.com [69.196.216.20]) by lists.sandelman.ca (8.11.6p3/8.11.6) with ESMTP id j8QF4jx17983 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK); Mon, 26 Sep 2005 11:04:51 -0400 (EDT)
Received: from marajade.sandelman.ottawa.on.ca (marajade [127.0.0.1]) by sandelman.ottawa.on.ca (Postfix) with ESMTP id 1EB80E9951; Mon, 26 Sep 2005 11:04:45 -0400 (EDT)
To: Van Aken Dirk <Dirk.VanAken@thomson.net>
Subject: Re: [dhcwg] Re: Authentication of DHCP Relay Agent Options Using IPsec
In-Reply-To: Message from "Van Aken Dirk" <Dirk.VanAken@thomson.net> of "Mon, 26 Sep 2005 08:25:40 +0200." <1F5308C5923F3B4DAA51D189BF255006BC7CA3@edgmsmail01.eu.thmulti.com>
References: <1F5308C5923F3B4DAA51D189BF255006BC7CA3@edgmsmail01.eu.thmulti.com>
X-Mailer: MH-E 7.82; nmh 1.1; XEmacs 21.4 (patch 17)
Date: Mon, 26 Sep 2005 11:04:45 -0400
Message-ID: <7898.1127747085@marajade.sandelman.ottawa.on.ca>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
X-Mailman-Approved-At: Wed, 12 Oct 2005 11:11:10 -0400
Cc: ipsec@ietf.org, dhcwg@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org
-----BEGIN PGP SIGNED MESSAGE----- {something rewrote the ipsec list to: ipsec@lists.tislabs.com.cnri.reston.va.us I'm guessing it gmane.org. Can you confirm what my message looked like when it hit dhcwg@ietf.org? } >>>>> "Van" == Van Aken Dirk <Dirk.VanAken@thomson.net> writes: Van> How do you come to the conclusion that DHCP relays are rather Van> "small boxes" and as a consequence don't need a full IKE Van> implementation ? You are looking at this from the wrong point of view. I'm claiming that DHCP relays *CAN* be small boxes, and so setting a smaller footprint for what they need in terms of IKE benefits small boxes without harming bigger boxes. Nothing prevents you from having a superset of what is required. (And what passes for a "small box" these days can be quite big) - -- ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[ ] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Finger me for keys iQCVAwUBQzgOCoqHRg3pndX9AQHn6AP9F0GqCRkOHI0nvMaAYyRvc5ss+BMZfsRy OIo/SvrPILkCsbdI8B4QX+fkpRs8m36boIIlVPQ24H8MpH4HtJD3thJhdMozF198 8kKtgNhnHUTd95GNhvCWaeZ6cOca0K1LogQxeduQhEt7y2CmRpyOYCv9+PyD1tuh uHn3WnmqE0s= =jZz3 -----END PGP SIGNATURE----- _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] Re: Authentication of DHCP Relay Agent Op… Michael Richardson
- RE: [dhcwg] Re: Authentication of DHCP Relay Agen… Van Aken Dirk
- Re: [dhcwg] Re: Authentication of DHCP Relay Agen… Michael Richardson