Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-02 - Respond by May 18
Sheng Jiang <jiangsheng@huawei.com> Tue, 06 May 2014 06:33 UTC
From: Sheng Jiang <jiangsheng@huawei.com>
To: "Bernie Volz (volz)" <volz@cisco.com>, 神明達哉 <jinmei@wide.ad.jp>, Tomek Mrugalski <tomasz.mrugalski@gmail.com>
Cc: dhcwg <dhcwg@ietf.org>
Hi, Jinmei & Bernie,

We do have a plan to extend this to DHCPv4. We are going to submit an individual 00 version before the next IETF meeting. However, the secure DHCPv6 is in our priority for now. :)

Best regards,

Sheng + Dacheng

>-----Original Message-----
>From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Bernie Volz (volz)
>Sent: Friday, May 02, 2014 8:34 PM
>To: 神明達哉; Tomek Mrugalski
>Cc: dhcwg
>Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-02 - Respond by May 18
>
>Jinmei:
>
>Thanks for your review and feedback.
>
>Regarding your first point, there's probably nothing (except the option length limitations, though RFC 3396 handles that) that would prevent this from being adopted for DHCPv4. But it is indeed a question of whether advancing DHCPv4 is as important as advancing DHCPv6. Also, the DHC WG charter is focused on DHCPv6.
>
>If this work does advance, and there's sufficient interest, I could well see someone proposing the same for DHCPv4.
>
>- Bernie
>
>-----Original Message-----
>From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of 神明達哉
>Sent: Wednesday, April 30, 2014 1:30 PM
>To: Tomek Mrugalski
>Cc: dhcwg
>Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-02 - Respond by May 18
>
>At Tue, 29 Apr 2014 20:21:33 +0200,
>Tomek Mrugalski <tomasz.mrugalski@gmail.com> wrote:
>
>> Since we have upcoming holiday on May 1st (which happens to be a reason for extended weekend in many parts of Europe) and the topic in question is not trivial, this WGLC is a bit longer than usual.
>>
>> Please send your comments by May 18th 2014. If you do not feel this document should advance, please state your reasons why.
>
>I've read the document. I don't have a particular opinion on whether it should advance, mainly because I'm not a security expert. I have some comments that may hopefully be useful, though:
>
>Some higher level points
>- (maybe already discussed before but) the concept of using public key authentication in DHCP makes some sense to me, but I wonder why we are discussing this specifically for DHCPv6. As far as I know there's no such counterpart in DHCPv4 (the only related thing I can google is draft-gupta-dhcp-auth-02.txt, which expired long ago), am I correct? If so, is that because *v4 is just too legacy and isn't worth improvements anymore? Or does that reflect some DHCP specific points that make public key authentication not so viable? If it's the latter, doesn't it also apply to this proposal?
>
>- The description of the draft is a bit vague (which may have to be clarified anyway), but if I understand it correctly, it assumes that both clients (each of them) and servers maintain their pair of public-private keys, and a client offers and uses its own key to authenticate messages from the client to servers. Is that correct? If so, does this make sense? My general understanding is that authenticating DHCP messages from clients to server is not that critical, and it's quite unlikely that servers maintain public keys of all possible clients so the servers would have to rely on the leap-of-faith model. They then may have to worry about the "resource exhaustion attacks" (although I'm not sure if this is a big issue, see below).
>
>Other non editorial comments on the draft:
>- Section 5.1:
>  Public Key A variable-length field containing public key. The key MUST be represented as a lower-case hexadecimal string with the most significant octet of the key first. Typically, the length of a 2048-bit RSA
>
>  Is there any specific reason it's represented as a string? Not necessarily bad, but I thought more common practice here is to simply use the binary value of the key. DHCP options in wire format are not expected to be human readable anyway, so I don't see the point for using a string here.
>
>- In Section 6.2:
>
>  On the recipient that supports the leap of faith model, the number of cached public keys or unverifiable certificates MUST be limited in order to protect against resource exhaustion attacks. If the
>
>  This is mainly concerned about servers, correct? If so, I'm not sure how severe these "attacks" are; DHCP servers generally need to maintain some state for each client (unless that's a stateless-only server) and would naturally already have some limitation on that resource. Shouldn't the general defense be enough for this particular resource, too? (But I was also not sure if it makes sense to use (public key) authentication for messages from clients in the first place; see higher-level discussions above)
>
>- Related, it seems some part of Section 6.2 is more specific for clients and some other part is more specific to servers. So it may be helpful if we have separate subsections focusing on these particular cases. Just a suggestion.
>
>Editorial nits:
>- Section 4.3
>  they may fall back the unsecure model, if both client and server
>  s/fall back the/fall back to the/
>  (I found the missing 'to' of this kind in several other places in the draft)
>
>- Section 4.3
>  whether to accept the messages. If the client accept the unsecure messages from the DHCPv6 server. The subsequent exchanges will be in unsecure model.
>  s/server. The/server, the/
>
>- Section 4.3
>  on the server policy. If the server mandidates the authentication,
>  s/mandidates/mandates/
>
>- Section 6.1
>  messages, MUST contain either a the Public Key or Certificate option,
>  s/a the/the/ (?)
>
>- Section 6.2
>  error status code, defined in Section 5.4, back to the client..
>  s/.././
>
>--
>JINMEI, Tatuya
>
>_______________________________________________
>dhcwg mailing list
>dhcwg@ietf.org
>https://www.ietf.org/mailman/listinfo/dhcwg
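The Section 6.2 requirement discussed above (a bounded cache of public keys on a recipient that uses the leap-of-faith model) can be illustrated with a small trust-on-first-use cache. This is an added example, not code from the draft or its authors; the DUID and key values are constructed, and the reject-when-full policy is one of several an implementer could choose.

```python
"""Bounded leap-of-faith (trust-on-first-use) public key cache for a
Secure DHCPv6 recipient, illustrating the Section 6.2 rule that the number
of cached public keys MUST be limited. Hypothetical code, not from the draft."""
import hashlib
from collections import OrderedDict


class LeapOfFaithCache:
    """Pins the first public key seen for each client DUID, up to a fixed size."""

    def __init__(self, max_entries: int):
        self.max_entries = max_entries
        # DUID (bytes) -> SHA-256 fingerprint of the pinned key; insertion-ordered
        # so "most recently confirmed" clients sit at the end.
        self._pins: OrderedDict[bytes, bytes] = OrderedDict()
        self.rejected = 0  # first-contact clients refused because the cache was full

    @staticmethod
    def fingerprint(public_key: bytes) -> bytes:
        # Store a fixed-size digest rather than the key itself, so each entry
        # costs the same memory regardless of key size (a resource-exhaustion
        # defence in its own right).
        return hashlib.sha256(public_key).digest()

    def check(self, duid: bytes, public_key: bytes) -> str:
        """Return 'new', 'match', 'mismatch' or 'full' for a (DUID, key) pair."""
        fp = self.fingerprint(public_key)
        pinned = self._pins.get(duid)
        if pinned is not None:
            if pinned == fp:
                self._pins.move_to_end(duid)  # refresh recency on a confirmed match
                return "match"
            # A different key for a known DUID is exactly what leap-of-faith is
            # meant to detect: do not silently re-pin; let policy decide.
            return "mismatch"
        if len(self._pins) >= self.max_entries:
            # Reject rather than evict: evicting the oldest pin would let a flood
            # of fresh DUIDs push legitimate pins out and defeat mismatch detection.
            self.rejected += 1
            return "full"
        self._pins[duid] = fp
        return "new"

    def __len__(self) -> int:
        return len(self._pins)
```

A recipient that returns "full" for a first-contact client would then apply its Section 4.3 policy (unsecured fallback or refusal) rather than grow the cache without bound.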