RE: [dhcwg] dhcpv6-24: using IPsec to secure relay-agent <-> serv er messages
"Bernie Volz (EUD)" <Bernie.Volz@am1.ericsson.se> Wed, 08 May 2002 16:11 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA14903 for <dhcwg-archive@odin.ietf.org>; Wed, 8 May 2002 12:11:11 -0400 (EDT)
Received: (from daemon@localhost) by optimus.ietf.org (8.9.1a/8.9.1) id MAA11157 for dhcwg-archive@odin.ietf.org; Wed, 8 May 2002 12:11:18 -0400 (EDT)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id MAA10990; Wed, 8 May 2002 12:09:46 -0400 (EDT)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id MAA10961 for <dhcwg@optimus.ietf.org>; Wed, 8 May 2002 12:09:44 -0400 (EDT)
Received: from imr2.ericy.com (imr2.ericy.com [198.24.6.3]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA14741 for <dhcwg@ietf.org>; Wed, 8 May 2002 12:09:36 -0400 (EDT)
Received: from mr7.exu.ericsson.se (mr7att.ericy.com [138.85.224.158]) by imr2.ericy.com (8.11.3/8.11.3) with ESMTP id g48G9Di11262 for <dhcwg@ietf.org>; Wed, 8 May 2002 11:09:13 -0500 (CDT)
Received: from eamrcnt747.exu.ericsson.se (eamrcnt747.exu.ericsson.se [138.85.133.37]) by mr7.exu.ericsson.se (8.11.3/8.11.3) with SMTP id g48G9DE25309 for <dhcwg@ietf.org>; Wed, 8 May 2002 11:09:13 -0500 (CDT)
Received: FROM eamrcnt761.exu.ericsson.se BY eamrcnt747.exu.ericsson.se ; Wed May 08 11:09:12 2002 -0500
Received: by eamrcnt761.exu.ericsson.se with Internet Mail Service (5.5.2653.19) id <KQMFNHZL>; Wed, 8 May 2002 11:09:12 -0500
Message-ID: <66F66129A77AD411B76200508B65AC69B4D3BD@EAMBUNT705>
From: "Bernie Volz (EUD)" <Bernie.Volz@am1.ericsson.se>
To: 'Thomas Narten' <narten@us.ibm.com>, dhcwg@ietf.org
Subject: RE: [dhcwg] dhcpv6-24: using IPsec to secure relay-agent <-> serv er messages
Date: Wed, 08 May 2002 11:09:11 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C1F6AA.B1076690"
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: <dhcwg.ietf.org>
X-BeenThere: dhcwg@ietf.org
Yeah, we probably should be clear here that IPSEC can only be used when the DHCP server addresses are preconfigured in the Relay. IPSEC can not be used if the relay is using multicast addresses (at least not until the IPSEC issues with multicast are addressed). - Bernie -----Original Message----- From: Thomas Narten [mailto:narten@us.ibm.com] Sent: Wednesday, May 08, 2002 11:12 AM To: dhcwg@ietf.org Subject: [dhcwg] dhcpv6-24: using IPsec to secure relay-agent <-> server messages > 21.2. Security of messages sent between servers and relay agents > > Relay agents and servers that choose to exchange messages securely > use the IPsec mechanisms for IPv6 [8]. The way in which IPsec > is employed by relay agents and servers is not specified in this > document. I suspect that this will not get through the IESG as is. IPsec doesn't work well with multicast. This is too underspecified. Thomas _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- RE: [dhcwg] dhcpv6-24: using IPsec to secure rela… Bernie Volz (EUD)