Re: [dhcwg] Re: Authentication of DHCP Relay Agent Options Using IPsec

Michael Richardson <mcr@sandelman.ottawa.on.ca> Wed, 12 October 2005 15:11 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EPiGG-0004ha-Km; Wed, 12 Oct 2005 11:11:20 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EJuXd-0004s2-1m for dhcwg@megatron.ietf.org; Mon, 26 Sep 2005 11:05:17 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA05144 for <dhcwg@ietf.org>; Mon, 26 Sep 2005 11:05:11 -0400 (EDT)
Received: from cod.sandelman.ca ([192.139.46.139] helo=lists.sandelman.ca) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EJueb-00006L-JW for dhcwg@ietf.org; Mon, 26 Sep 2005 11:12:31 -0400
Received: from sandelman.ottawa.on.ca (CPE0080c8d59fa8-CM0011aea1b6fc.cpe.net.cable.rogers.com [69.196.216.20]) by lists.sandelman.ca (8.11.6p3/8.11.6) with ESMTP id j8QF4jx17983 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK); Mon, 26 Sep 2005 11:04:51 -0400 (EDT)
Received: from marajade.sandelman.ottawa.on.ca (marajade [127.0.0.1]) by sandelman.ottawa.on.ca (Postfix) with ESMTP id 1EB80E9951; Mon, 26 Sep 2005 11:04:45 -0400 (EDT)
To: Van Aken Dirk <Dirk.VanAken@thomson.net>
Subject: Re: [dhcwg] Re: Authentication of DHCP Relay Agent Options Using IPsec
In-Reply-To: Message from "Van Aken Dirk" <Dirk.VanAken@thomson.net> of "Mon, 26 Sep 2005 08:25:40 +0200." <1F5308C5923F3B4DAA51D189BF255006BC7CA3@edgmsmail01.eu.thmulti.com>
References: <1F5308C5923F3B4DAA51D189BF255006BC7CA3@edgmsmail01.eu.thmulti.com>
X-Mailer: MH-E 7.82; nmh 1.1; XEmacs 21.4 (patch 17)
Date: Mon, 26 Sep 2005 11:04:45 -0400
Message-ID: <7898.1127747085@marajade.sandelman.ottawa.on.ca>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
X-Mailman-Approved-At: Wed, 12 Oct 2005 11:11:10 -0400
Cc: ipsec@ietf.org, dhcwg@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org

-----BEGIN PGP SIGNED MESSAGE-----


{something rewrote the ipsec list to:
	   ipsec@lists.tislabs.com.cnri.reston.va.us
I'm guessing it gmane.org. Can you confirm what my message looked like
when it hit dhcwg@ietf.org? }

>>>>> "Van" == Van Aken Dirk <Dirk.VanAken@thomson.net> writes:
    Van> How do you come to the conclusion that DHCP relays are rather
    Van> "small boxes" and as a consequence don't need a full IKE
    Van> implementation ?

  You are looking at this from the wrong point of view.
 
  I'm claiming that DHCP relays *CAN* be small boxes, and so setting a
smaller footprint for what they need in terms of IKE benefits small
boxes without harming bigger boxes.

  Nothing prevents you from having a superset of what is required.

  (And what passes for a "small box" these days can be quite big)

- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr@xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQzgOCoqHRg3pndX9AQHn6AP9F0GqCRkOHI0nvMaAYyRvc5ss+BMZfsRy
OIo/SvrPILkCsbdI8B4QX+fkpRs8m36boIIlVPQ24H8MpH4HtJD3thJhdMozF198
8kKtgNhnHUTd95GNhvCWaeZ6cOca0K1LogQxeduQhEt7y2CmRpyOYCv9+PyD1tuh
uHn3WnmqE0s=
=jZz3
-----END PGP SIGNATURE-----

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg