[dhcwg] Secure DHCPv6 Deployment Consideration - proposed text

[Sheng Jiang <jiangsheng@huawei.com>]

Hi, dhc,

During the latest AD review and security review, we have received many constructive comments. Although some general security issues are out of scope, we have integrated most of comments. One of the major concern is regarding to the deployment/applicability, particularly the PKI availability. Therefore, we have proposed the below text for a new section, deployment consideration. Your review and comments are appreciated.

Deployment Consideration

This document defines two authentication models: authentication based on public key certificates and PKI; and authentication based on leap of faith to public keys. It is worth noticing that in real deployment, the two models may be mixed together on the serve to be able to serve both stable clients and roaming clients, which may be treated with different service policies.

1. Authentication based on certificate and PKI

This model would mainly be used in the scenarios such as enterprise networks where tight security policies are applied and the clients are stable terminal devices. It would provide tighter security protection because both server and client can be authenticated based on a common trusted CA. As with this precondition, this model would require more complicated pre-configuration, particularly on the client side.

The server can always be considered to have connectivity to authorized CA and verify the clients’ certificate. Because the client may have to validate the authentication in the condition of without connectivity wider than link-local，the verification on the client devices may have to be performed locally. One or multiple certificates, which form a certification path [RFC5280], need to be deployed in the client in order to verify the certificate sent from the server and so perform the authentication. Besides the certificate used to prove the identity, the server may also need to provide additional certificates to help the client generate a certificate chain from the certificates deployed in the client to the certificate.

2.  Authentication based on leap of faith

This model would mainly be the scenarios that the security policies are loss and the clients may roam, such as public coffee shops. Therefore, the PKI could not be deployed in advance. This model requires minimum pre-configuration - server and client has a public/private key pair. A signed certificate could be an equivalent to a public key in this model.

The Leap of faith model by itself could not prevent a client to trust a malicious server or a server to trust a malicious client at the beginning of the first session. But the leap of faith mechanism guarantees the subsequent messages are sent by the same previous sender, and therefore narrows the time window that an attacker can perform attacks. Also, the message integrity is provided.

The server may constrain the resource and access rights to clients who is based on leap of faith model to avoid potential malicious attacks

Additional mechanisms to justify the trust relationship, such as requiring human intervention at the point of the leap of faith on the client or the server may run some algorithm to detect malicious behaviors from clients.

Best regards,

Sheng + Dacheng