[dhcwg] DHCP hackathon in Prague: SeDHCPv6

Tomek Mrugalski <tomasz.mrugalski@gmail.com> Wed, 31 May 2017 15:36 UTC

Return-Path: <tomasz.mrugalski@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7174128D6F for <dhcwg@ietfa.amsl.com>; Wed, 31 May 2017 08:36:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z_1nFjpouA5S for <dhcwg@ietfa.amsl.com>; Wed, 31 May 2017 08:36:10 -0700 (PDT)
Received: from mail-lf0-x230.google.com (mail-lf0-x230.google.com [IPv6:2a00:1450:4010:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF7EC1243F6 for <dhcwg@ietf.org>; Wed, 31 May 2017 08:36:09 -0700 (PDT)
Received: by mail-lf0-x230.google.com with SMTP id 99so11714171lfu.1 for <dhcwg@ietf.org>; Wed, 31 May 2017 08:36:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:references:from:to:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=5TvXqHLZqJI2zmVDoXOMz5K2Er1ja95iFk77Q9FofTo=; b=RoPNvXJ17QEjOLxL1FBezqlE92Z9AGUm1v+q/q0rtGEkqwt/f88HROAVQsjzc0TC1P SFadYvn+6er1b7RbrUW09T6alj/OuV2xp3EGXpGEa3dOhyJ6YYdTPEvwu5A6+rJ/rq6u kJXHWi1fZbiGZI0PDktYZ+YL1wS1e+sjuQz9lpG3Qmrk3nzgOr2lCOm/puyvElXEu1ht XNktbW7O4YLtSvuncbdMKZe0rrERf4wUHNjbu4ydmo/UO0MvcnGs9NQW3Bk4dCIagC2/ gkxrU1vcWdV3wcHuWRyDnXA1Gzl7+GyMymyh+4l2OGtP8N+n+nU0BbLpOOkrb5CdM2fA H5Rw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:from:to:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=5TvXqHLZqJI2zmVDoXOMz5K2Er1ja95iFk77Q9FofTo=; b=XbQZeTtLYFgsiLQbXn3/NJxoig8ySOI7+ixswXBlZHcH38H3QDNwlTDvxIUM9H+QPR coiv/s0nfbaShLe0GYacidDvT6/ShecMXm0WFFubPi+njTKO5c1KBHYbfwSaZTE9HPQm 0h7QFdzi093SwffOt/478EGvQHknmrpOc6D0y1nxJ44LOXA66L9DO2MyD9ExMnNGz1T4 0JNtdJYAqkqIoT+P1sgL4fkkNNiNJPZnPiU6Nsj9mO3iUC10pcs2lko785GCUD+W5CbA G4twyjDFFaPvOD8a/rhdyEuYtVj5iUo0qwQ1ogTRqC5gZK0H3GxGlRTensnVhkSqZsR8 Fn0A==
X-Gm-Message-State: AODbwcC5TMcWPEpv3V2l1cZT3vul7YBOAwIvYYrVJ8/i9XoZ3kYh8lLg 0/iF+z/NQmmS20kd
X-Received: by 10.46.21.68 with SMTP id 4mr8148494ljv.50.1496244967780; Wed, 31 May 2017 08:36:07 -0700 (PDT)
Received: from [192.168.0.5] (109241207033.gdansk.vectranet.pl. [109.241.207.33]) by smtp.googlemail.com with ESMTPSA id 19sm3674003ljf.32.2017.05.31.08.36.06 for <dhcwg@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 May 2017 08:36:06 -0700 (PDT)
References: <C526A41E-9283-4D0F-88CA-EE8F61582D9D@cisco.com>
From: Tomek Mrugalski <tomasz.mrugalski@gmail.com>
To: dhcwg <dhcwg@ietf.org>
X-Forwarded-Message-Id: <C526A41E-9283-4D0F-88CA-EE8F61582D9D@cisco.com>
Message-ID: <166ebb54-9a71-5bf9-669b-ff7be6f65ec7@gmail.com>
Date: Wed, 31 May 2017 17:36:05 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <C526A41E-9283-4D0F-88CA-EE8F61582D9D@cisco.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/bZEyJwN8VXDgOQAtJOJWmUcSTv0>
Subject: [dhcwg] DHCP hackathon in Prague: SeDHCPv6
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 May 2017 15:36:12 -0000

Folks,

As previously mentioned, we'll have a DHCP hackathon in Prague. As
usual, the hackathon will take place on the weekend immediately before
IETF (July 15-16). This time we will be focusing on SeDHCPv6. If you
somehow missed all the discussions so far, the
draft-ietf-dhc-sedhcpv6-21 defines Secure DHCPv6, an encrypted and
possibly authenticated version of DHCPv6 protocol. The goal of this
hackathon is to extend existing DHCPv6 implementations and attempt
inter-operability testing for encryption and authentication. We hope to
have the following implementations at various stages of maturity:

* WIDE - A client code is available from earlier hackathon, back in
2015: https://github.com/jinmei/wide-dhcpv6/tree/sedhcpv6.

* Cisco CNR -
http://www.cisco.com/c/en/us/products/cloud-systems-management/network-registrar/index.html.

* Kea - A server code is available form earlier hackathon, back in
2015. https://github.com/isc-projects/kea/tree/sedhcpv6a.

Other implementations are more than welcome. Also, we're looking for
volunteers to help with existing projects.

It seems plausible that some of the effort during the hackathon will
be spent on extending wireshark to be able to parse the encrypted
traffic, assuming necessary security details (keys, certs) are provided.
This work hasn't started yet, and volunteers are more than welcome.

Note that although there is existing code for some implementations, it
is based on a very old -08 draft. The recent -21 draft has changed
substantially (in particular, mandatory encryption has been added).

Here's the page for the hackathon (with links to details and
registration):
https://www.ietf.org/registration/MeetingWiki/wiki/99hackathon
Participation in the hackathon is free, but requires registration.

The best place to discuss implementation aspects would be the hackathon
list. If we discover any protocol issues, those should be discussed on
the DHC list.

Hope to see you there!

Bernie & Tomek