[dhcwg] dhc WG last call on draft-ietf-dhc-v4-threat-analysis-02
Ralph Droms <rdroms@cisco.com> Wed, 11 August 2004 19:42 UTC
Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA02842; Wed, 11 Aug 2004 15:42:54 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1BuylN-0007gZ-CY; Wed, 11 Aug 2004 15:27:53 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1BuydM-0002S2-Eg for dhcwg@megatron.ietf.org; Wed, 11 Aug 2004 15:19:36 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00288 for <dhcwg@ietf.org>; Wed, 11 Aug 2004 15:19:34 -0400 (EDT)
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Buyi6-0005vH-Kf for dhcwg@ietf.org; Wed, 11 Aug 2004 15:24:34 -0400
Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-2.cisco.com with ESMTP; 11 Aug 2004 12:21:22 -0700
Received: from flask.cisco.com (IDENT:mirapoint@flask.cisco.com [161.44.122.62]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id i7BJIrK7016573 for <dhcwg@ietf.org>; Wed, 11 Aug 2004 12:18:58 -0700 (PDT)
Received: from rdroms-w2k01.cisco.com (dhcp-10-86-160-38.cisco.com [10.86.160.38]) by flask.cisco.com (MOS 3.4.6-GR) with ESMTP id AKT87658; Wed, 11 Aug 2004 15:18:52 -0400 (EDT)
Message-Id: <4.3.2.7.2.20040811151653.020898a8@flask.cisco.com>
X-Sender: rdroms@flask.cisco.com
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Wed, 11 Aug 2004 15:17:48 -0400
To: dhcwg@ietf.org
From: Ralph Droms <rdroms@cisco.com>
Subject: [dhcwg] dhc WG last call on draft-ietf-dhc-v4-threat-analysis-02
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org
This message announces a second WG last call on "Dynamic Host Configuration Protocol for IPv4 (DHCPv4) Threat Analysis" <draft-ietf-dhc-v4-threat-analysis-02>. There was insufficient (that is, none) response to the first WG last call. This document can not be submitted to the IESG without positive response during the WG last call. This last call will conclude at 1700 EDT, 2004-08-27. Please respond to this WG last call. If you support acceptance of the document without change, respond with a simple acknowledgment, so that support for the document can be assessed. "Dynamic Host Configuration Protocol for IPv4 (DHCPv4) Threat Analysis" provides a comprehensive threat analysis of the Dynamic Host Configuration Protocol. DHCPv4 (RFC 2131) is a stable, widely used protocol for configuration of host systems in a TCP/IPv4 network. RFC 2131 did not provide for authentication of clients and servers, nor did it provide for data confidentiality. This is reflected in the original "Security Considerations" section of RFC 2131, which identifies a few threats and leaves development of any defenses against those threats to future work. Beginning in about 1995 DHCP security began to attract attention from the Internet community, eventually resulting in the publication of RFC 3118 in 2001. Although RFC 3118 was a mandatory prerequisite for the DHCPv4 Reconfigure Extension, RFC 3203, it has had no known usage by any commercial or private implementation since its adoption. The DHC Working Group has adopted a work item to review and modify or replace RFC 3118 to afford a workable, easily deployed security mechanism for DHCPv4. This memo provides a comprehensive threat analysis of the Dynamic Host Configuration Protocol for use both as RFC 2131 advances from Draft Standard to Full Standard and to support our chartered work improving the acceptance and deployment of RFC 3118. This draft is available as http://www.ietf.org/internet-drafts/draft-ietf-dhc-v4-threat-analysis-02.txt - Ralph Droms _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] dhc WG last call on draft-ietf-dhc-v4-thr… Ralph Droms
- [dhcwg] dhc WG last call on draft-ietf-dhc-v4-thr… Ralph Droms
- RE: [dhcwg] dhc WG last call on draft-ietf-dhc-v4… Bernie Volz