IETF Logo Mail Archive

Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-02 - Respond by May 18

神明達哉 <jinmei@wide.ad.jp> Wed, 30 April 2014 17:29 UTC

Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 347041A0922 for <dhcwg@ietfa.amsl.com>; Wed, 30 Apr 2014 10:29:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qU4YqqTwGIH0 for <dhcwg@ietfa.amsl.com>; Wed, 30 Apr 2014 10:29:50 -0700 (PDT)
Received: from mail-we0-x233.google.com (mail-we0-x233.google.com [IPv6:2a00:1450:400c:c03::233]) by ietfa.amsl.com (Postfix) with ESMTP id E0B121A0910 for <dhcwg@ietf.org>; Wed, 30 Apr 2014 10:29:49 -0700 (PDT)
Received: by mail-we0-f179.google.com with SMTP id x48so1988606wes.38 for <dhcwg@ietf.org>; Wed, 30 Apr 2014 10:29:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=m9M0DNlhsO774WIIGK/c6cuS0GxoIWFAE7lm2yiHsPU=; b=h1ywXd/r6HkF7H3nBOKudNFTpAG29PWI8RPiKv5GfbjZxVg7mvXRIp2AaL3yp89Bg+ VUgmhQo7TZ88ygNQwxdqDuNpO+gaM7Z1Bex35UzC9O2MPJ6oekdHYcpP+U1yL0FYjk7l h/LxrTEVHovX83y9hP9gPUrIilw5juKqt4nDQ1KKNSlJghtVYkziE4/XZoVEWwMcCGMV a6pZUps7xlGmEFMbszDXcJ7+QIv7Ej39O1ZwPCboEnueultrYPOX5/66l9FbxEjNb3/G We1GLc0xs2OHOfU5B2Sz687bdJE3i4jMnP6GJ2tsis+GcrTtm7jqE8o69MVPQyT5bO0I v9Yg==
MIME-Version: 1.0
X-Received: by 10.194.58.79 with SMTP id o15mr3542876wjq.62.1398878987845; Wed, 30 Apr 2014 10:29:47 -0700 (PDT)
Sender: jinmei.tatuya@gmail.com
Received: by 10.194.3.14 with HTTP; Wed, 30 Apr 2014 10:29:47 -0700 (PDT)
In-Reply-To: <535FEDAD.5010103@gmail.com>
References: <535FEDAD.5010103@gmail.com>
Date: Wed, 30 Apr 2014 10:29:47 -0700
X-Google-Sender-Auth: U-Y34UC_ZZqb3aSQ3PBsoU0onPc
Message-ID: <CAJE_bqen37j5UCsKZj6syVyvk2Xed4V_xGp-t4xY8shjmS+H5g@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
To: Tomek Mrugalski <tomasz.mrugalski@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/UIYcI0IGh-MPcAZ7m-8LNPfbyJ4
Cc: dhcwg <dhcwg@ietf.org>
Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-02 - Respond by May 18
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2014 17:29:51 -0000

At Tue, 29 Apr 2014 20:21:33 +0200,
Tomek Mrugalski <tomasz.mrugalski@gmail.com> wrote:

> Since we have upcoming holiday on May 1st (which happens to be a reason
> for extended weekend in many parts of Europe) and the topic in question
> is not trivial, this WGLC is a bit longer than usual.
>
> Please send your comments by May 18th 2014. If you do not feel this
> document should advance, please state your reasons why.

I've read the document.  I don't have a particular opinion on whether
it should advance, mainly because I'm not a security expert.  I have
some comments that may hopefully be useful, though:

Some higher level points
- (maybe already discussed before but) the concept of using public key
  authentication in DHCP makes some sense to me, but I wonder why we
  are discussing this specifically for DHCPv6.  As far as I know
  there's no such counterpart in DHCPv4 (the only related thing I can
  google is draft-gupta-dhcp-auth-02.txt, which expired long ago), am
  I correct?  If so, is that because *v4 is just too legacy and isn't
  worth improvements anymore?  Or does that reflect some DHCP specific
  points that make public key authentication not so viable?  If it's
  the latter, doesn't it also apply to this proposal?

- The description of the draft is a bit vague (which may have to be
  clarified anyway), but if I understand it correctly, it assumes that
  both clients (each of them) and servers maintain their pair of
  public-private keys, and a client offers and uses its own key to
  authenticate messages from the client to servers.  Is that correct?
  If so, does this make sense?  My general understanding is that
  authenticating DHCP messages from clients to server is not that
  critical, and it's quite unlikely that servers maintain public keys
  of all possible clients so the servers would have to rely on the
  leap-of-faith model.  They then may have to worry about the
  "resource exhaustion attacks" (although I'm not sure if this is a
  big issue, see below).

Other non editorial comments on the draft:
- Section 5.1:
   Public Key     A variable-length field containing public key. The
                  key MUST be represented as a lower-case hexadecimal
                  string with the most significant octet of the key
                  first. Typically, the length of a 2048-bit RSA

  Is there any specific reason it's represented as a string?  Not
  necessarily bad, but I thought more common practice here is to
  simply use the binary value of the key.  DHCP options in wire format
  are not expected to be human readable anyway, so I don't see the
  point for using a string here.

- In Section 6.2:

   On the recipient that supports the leap of faith model, the number of
   cached public keys or unverifiable certificates MUST be limited in
   order to protect against resource exhaustion attacks.  If the

  This is mainly concerned about servers, correct?  If so, I'm not
  sure how severe this "attacks" are; DHCP servers generally need to
  maintain some state for each client (unless that's stateless only
  server) and would naturally already have some limitation on that
  resource.  Shouldn't the general defense be enough for this
  particular resource, too?  (But I was also not sure if it makes
  sense to use (public key) authentication for messages from clients
  in the first place; see higher-level discussions above)

- Related, it seems some part of Section 6.2 is more specific for
  clients and some other part is more specific to servers.  So it may
  be helpful if we have separate subsections focusing on these
  particular cases.  Just a suggestion.

Editorial nits:
- Section 4.3
   they may fall back the unsecure model, if both client and server
  s/fall back the/fall back to the/
  (I found the missing 'to' of this kind in several other places in
  the draft)

- Section 4.3
   whether to accept the messages.  If the client accept the unsecure
   messages from the DHCPv6 server.  The subsequent exchanges will be in
   unsecure model.
  s/server.  The/server, the/

- Section 4.3
   on the server policy.  If the server mandidates the authentication,
  s/mandidates/mandates/

- Section 6.1
   messages, MUST contain either a the Public Key or Certificate option,
  s/a the/the/ (?)

- Section 6.2
   error status code, defined in Section 5.4, back to the client..
  s/.././

--
JINMEI, Tatuya

v2.23.0 | Report a Bug | By Email