[dhcwg] proposed text of sedhcpv6 applicability
神明達哉 <jinmei@wide.ad.jp> Thu, 25 February 2016 19:46 UTC
Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBAC61B334E for <dhcwg@ietfa.amsl.com>; Thu, 25 Feb 2016 11:46:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zOY6sZ0OUczn for <dhcwg@ietfa.amsl.com>; Thu, 25 Feb 2016 11:45:59 -0800 (PST)
Received: from mail-io0-x231.google.com (mail-io0-x231.google.com [IPv6:2607:f8b0:4001:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93AA71B3338 for <dhcwg@ietf.org>; Thu, 25 Feb 2016 11:45:59 -0800 (PST)
Received: by mail-io0-x231.google.com with SMTP id g203so99698354iof.2 for <dhcwg@ietf.org>; Thu, 25 Feb 2016 11:45:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to; bh=YlzP0/fzdAzdtxAEW4vJVpWt4TBPgHLqmx2dtkcuOwI=; b=CXvBrz+LyzwuVY+noBkEzkw3PIyprQY/dzqDgEF9SUE2cUffneEbCm9ZiSMVT+FzMn p510QLzEihVis9i2AQNbp6f5c8WvxVy+cO9lv0TTKzolnkCJu2VZ1y/Ww4kPMl3i1BAS uwF7I7oeNnaZarI27stgl6GKQJNWLzuPXk23Of5gXaVZ3JpA9U5/eWDO53r3UNk1hYS1 96lABeRRWZlsx2tiTHThWnczd16ie6RlESgEWPGlQguckAiF9hukVREmKL0JM6tGthew AwbncAulvk+9kFPXAUq9h+ztb7PLLI+3IlzJ1F8of4U5yJqw+Fm+XpYpiwT2C7BAqD2s AgBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:date:message-id:subject:from :to; bh=YlzP0/fzdAzdtxAEW4vJVpWt4TBPgHLqmx2dtkcuOwI=; b=OM4qI766e6GcI5qdblYA2MYNCRF0jgbH5cZ31ZopzWyd0BTMx2cOtBMkfsXRYcYGLN fk423fVn0LCCJVM1bZ2/FCxK7EtQnDVym/qYRobr02IowCz7ubR9jyEBflYdZkXdWLP8 V36tyhEKflRAzzs+zOo/Q9XcMisIK2n4iSD1x8NqGBThaz9jcR+hKmcEu2M4rxFG2xAF 9XBw4G2U8dRG0ODTgEg27OJho1tgCNxq8mIOn2XulVwQ15aG9gTA4LxfmTbqQdpks0Bb NafXpd1q+2anhEjJrW1tdmnOX9vPr9T6rFrO8wjqxjvElXEOBlW7yPJT3AngQh36tEau OuYA==
X-Gm-Message-State: AG10YOSUQClcdbrj7fCuqK2N5SABA1hQu4qYdhe9wwZHOYSFX75CHy4zOg2KFYQZLsyZ13g8vwGgZLd9dXFZXw==
MIME-Version: 1.0
X-Received: by 10.107.184.135 with SMTP id i129mr5394125iof.4.1456429558990; Thu, 25 Feb 2016 11:45:58 -0800 (PST)
Sender: jinmei.tatuya@gmail.com
Received: by 10.107.169.35 with HTTP; Thu, 25 Feb 2016 11:45:58 -0800 (PST)
Date: Thu, 25 Feb 2016 11:45:58 -0800
X-Google-Sender-Auth: r6F9WLCcA2L8SXbeoFv-yMxpMCA
Message-ID: <CAJE_bqfAAnYquTkLKv72=8GuD1eDWyQGBdp+xAS5NWBsNXGgnQ@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
To: "dhcwg@ietf.org" <dhcwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/Q6TQ48wpYkRoKRXYH7SRz8c_tP4>
Subject: [dhcwg] proposed text of sedhcpv6 applicability
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Feb 2016 19:46:01 -0000
This is my proposed text for the "applicability" discussion of draft-ietf-dhc-sedhcpv6-10 (Section 5.5) I promised before. It is intended to replace the entire text with the proposed text. -- JINMEI, Tatuya 5.5. Applicability In principle Secure DHCPv6 is applicable in any environment where physical security on the link is not assured and attacks on DHCPv6 are a concern. In practice, however, it will rely on some operational assumptions mainly regarding public key distribution and management, until more lessons are learned and more experiences are achieved. One feasible environment in an early deployment stage would be enterprise networks. In such networks the security policy tends to be strict and it will be easier to manage client hosts. One trivial deployment scenario is therefore to manually pre-configure client hosts with the server public key and manually register clients' public keys for the server. It may also be possible to deploy an internal PKI to make this less reliant on manual operations, although it is currently subject to future study specifically how to integrate such a PKI into the DHCPv6 service for the network. Note that this deployment scenario based on manual operation is not different very much from the existing, shared-secret based authentication mechanisms defined in [RFC3315] in terms of operational costs. However, Secure DHCPv6 is still securer than the shared-secret mechanism in that even if clients' keys stored for the server are stolen that does not mean an immediate threat as these are public keys. In addition, if some kind of PKI is used with Secure DHCPv6, even if the initial installation of the certificates is done manually, it will help reduce operational costs of revocation in case a private key (especially that of the server) is compromised. It is believed that Secure DHCPv6 could be more widely applicable with integration of generic PKI so that it will be more easily deployed. But such a deployment requires more general issues with PKI deployment be addressed, and it is currently unknown whether we can find practical deployment scenarios. It is subject to future study and experiments, and out of scope of this document.