Re: [dhcwg] I-D Action: draft-ietf-dhc-sedhcpv6-18.txt

Lishan Li <lilishan48@gmail.com> Mon, 05 December 2016 16:02 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/OSTNZWa1YZF_cXXGwrnP_1EWpM8>

Dear All,

We have submitted the new version of secure DHCPv6.
In the new version, we made the following updates:
1. Add the Algorithm option, Encryption Key Tag option;
2. Delete the AlgorithmNotSupported error status code;
3. Delete some description on that secure DHCPv6
    exchanges the server selection method;
4. Add the assumption that: For DHCPv6 client, just one
    certificate is used for the DHCPv6 configuration;
5. Add the statement that: For the first Encrypted-Query
    message, the server needs to try all the possible private
    keys and then records the relationship between the public
    key and the encryption key tag;
6. For the case where the client's certificate is missed
    and decryption fails, the server discards the received
    message.

Could you please review the current version? Looking
forward to your guidance.

Best Regards,
Lishan

2016-12-05 16:03 GMT+08:00 <internet-drafts@ietf.org>:

>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Dynamic Host Configuration of the IETF.
>
>         Title           : Secure DHCPv6
>         Authors         : Sheng Jiang
>                           Lishan Li
>                           Yong Cui
>                           Tatuya Jinmei
>                           Ted Lemon
>                           Dacheng Zhang
>         Filename        : draft-ietf-dhc-sedhcpv6-18.txt
>         Pages           : 30
>         Date            : 2016-12-05
>
> Abstract:
>    DHCPv6 includes no deployable security mechanism that can protect
>    end-to-end communication between DHCP clients and servers.  This
>    document describes a mechanism for using public key cryptography to
>    provide such security.  The mechanism provides encryption in all
>    cases, and can be used for authentication based on pre-sharing of
>    authorized certificates.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dhc-sedhcpv6/
>
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-dhc-sedhcpv6-18
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dhc-sedhcpv6-18
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
>
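
The server behaviour described in the last two list items of the message above, sketched as an added example that is not part of the original e-mail or of the draft. It assumes each Encrypted-Query arrives together with its encryption key tag; the key names, tag values and payloads are constructed, and `seal`/`unseal` are a toy keyed stand-in for the draft's public-key encryption.

```python
import hashlib
import hmac

def _stream(key: bytes, n: int) -> bytes:
    """SHA-256 counter keystream (constructed toy, not the draft's algorithm)."""
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plain: bytes) -> bytes:
    """Stand-in for encrypting to the server's public key."""
    ct = bytes(a ^ b for a, b in zip(plain, _stream(key, len(plain))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    """Stand-in for private-key decryption; returns None when it fails."""
    ct, mac = blob[:-32], blob[-32:]
    good = hmac.new(key, ct, hashlib.sha256).digest()
    if len(blob) < 32 or not hmac.compare_digest(mac, good):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(key, len(ct))))

class Server:
    def __init__(self, private_keys: dict):
        self.private_keys = private_keys   # key name -> key material
        self.tag_to_key = {}               # encryption key tag -> key name
        self.trials = 0                    # decryption attempts performed

    def handle_encrypted_query(self, key_tag: int, blob: bytes):
        known = self.tag_to_key.get(key_tag)
        # Unknown tag: try every private key. Known tag: only the recorded one.
        candidates = [known] if known is not None else list(self.private_keys)
        for name in candidates:
            self.trials += 1
            plain = unseal(self.private_keys[name], blob)
            if plain is not None:
                self.tag_to_key[key_tag] = name   # record the relationship
                return plain
        return None   # decryption failed: the message is discarded

def demo():
    keys = {"k1": b"constructed-key-1", "k2": b"constructed-key-2",
            "k3": b"constructed-key-3"}
    srv = Server(keys)
    first = srv.handle_encrypted_query(0x1A2B, seal(keys["k3"], b"Solicit"))
    after_first = srv.trials
    second = srv.handle_encrypted_query(0x1A2B, seal(keys["k3"], b"Request"))
    bogus = srv.handle_encrypted_query(0x9999, seal(b"unknown-key", b"x"))
    return first, after_first, second, srv.trials, bogus, srv.tag_to_key
```

The trial counter makes the cost visible: the first message costs one attempt per configured private key, later messages with the same tag cost one, and a message that no key decrypts costs the full sweep before it is dropped.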