[dhcwg] Fw:New Version Notification for draft-cui-dhc-dhcpv6-encryption-03.txt

李丽姗 <lilishan48@gmail.com> Mon, 31 August 2015 14:59 UTC

Return-Path: <lilishan48@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 6045A1B491D for <dhcwg@ietfa.amsl.com>; Mon, 31 Aug 2015 07:59:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.449
X-Spam-Status: No, score=-1.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id TTV6fHJth-JU for <dhcwg@ietfa.amsl.com>; Mon, 31 Aug 2015 07:59:07 -0700 (PDT)
Received: from mail-lb0-x229.google.com (mail-lb0-x229.google.com [IPv6:2a00:1450:4010:c04::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C86B1B4CEF for <dhcwg@ietf.org>; Mon, 31 Aug 2015 07:59:07 -0700 (PDT)
Received: by lbbsx3 with SMTP id sx3so62054036lbb.0 for <dhcwg@ietf.org>; Mon, 31 Aug 2015 07:59:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=vFgCxZgL9fgO3bl8G7+vUDFTj+qUg2Lv06BgvfiJn/0=; b=QmQ4jO8DTG0x6th8g9mzkJiOnEmtd4T5MzK+5ZyNHdAOOnS7FX0lDfrvIOakSG966D q7BwYleyrUEv54iuNL+zNZKA9nUX702ekdWDu4OYSqBuftfN3GYui8EyL9f5jLYVEy+D nC+SsfsNej6xrzjtiOYr6V5iov0CSql1uTyBOSGCoslMe+wbel1SvhxRROXmxkg/7Kxy e8D4FpV1lC9hQWCv/3kIkewLKjl/b+SpE/f5YRPCvDcx6kyLGzhUAG/lV4+Vxeoj12d5 zaRQbnPgGuJ1PZ64dcvU2GcDtkjt+jIG4qgLaRGiGsMJFNrCcY4Jz0l8jO2Z1cXb6ZKo RWbg==
MIME-Version: 1.0
X-Received: by with SMTP id ki19mr10651037lbb.108.1441033145609; Mon, 31 Aug 2015 07:59:05 -0700 (PDT)
Received: by with HTTP; Mon, 31 Aug 2015 07:59:05 -0700 (PDT)
Date: Mon, 31 Aug 2015 22:59:05 +0800
Message-ID: <CAJ3w4NdKzvDzFdH2jEmNHuqv9Cq9yZOKD2ixnkdxizd-DkNFxQ@mail.gmail.com>
From: 李丽姗 <lilishan48@gmail.com>
To: dhcwg@ietf.org
Content-Type: multipart/alternative; boundary="047d7bfd001ec0f35b051e9cacd5"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/NUI2upCRdRvVyYm9iSdl26WW4mY>
Subject: [dhcwg] Fw:New Version Notification for draft-cui-dhc-dhcpv6-encryption-03.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2015 14:59:09 -0000

Dear all,

we have submitted a new version of the

In this version, we add some text about the deployment consideration
according to the saag comments. We have discuss the draft on the saag mail
list (http://www.ietf.org/mail-archive/web/saag/current/threads.html).
Thanks for the constructive comments from many secure area experts,
including Stephen Farrell, Randy Bush. The most important concern is
regarding to the deployment/applicability consideration. Stephen Farrell
suggested us to use TOFU. TOFU calls for accepting and storing a
certificate associated with an asserted identity, without authenticating
that assertion. And finally we have almost reach an agreement to use TOFU.
Although there are cases such as enterprise case, the TOFU cannot work
well. But we think that it provide better assurance than we have today.

Could you please review the draft and any comments are welcome.

Best Regards,

-------- Forwarding messages --------
From: internet-drafts@ietf.org
Date: 2015-08-31 11:28:42
To:  "Jianping Wu" <jianping@cernet.edu.cn>,"Yiu Lee" <
yiu_lee@cable.comcast.com>,"Yong Cui" <yong@csnet1.cs.tsinghua.edu.cn>,"Lishan
Li" <lilishan9248@126.com>,"Jianping Wu" <jianping@cernet.edu.cn>,"Lishan
Li" <lilishan9248@126.com>,"Yiu Lee" <yiu_lee@cable.comcast.com>,"Yong Cui"
Subject: New Version Notification for draft-cui-dhc-dhcpv6-encryption-03.txt

A new version of I-D, draft-cui-dhc-dhcpv6-encryption-03.txt
has been successfully submitted by Lishan Li and posted to the
IETF repository.

Name: draft-cui-dhc-dhcpv6-encryption
Revision: 03
Title: Authentication and Encryption Mechanism for DHCPv6
Document date: 2015-08-30
Group: Individual Submission
Pages: 10

   The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables
   DHCPv6 servers to configure network parameters.  However, due to the
   unsecured nature, various critical identifiers used in DHCPv6 are
   vulnerable to several types of attacks, particularly pervasive
   monitoring.  This document provides a mechanism to secure DHCPv6
   messages, which achieves the server authentication and encryption
   between the DHCPv6 client and server.

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat