Re: [dhcwg] Lifetime draft: refresh time should never be more than IRT_DEFAULT

Ted Lemon <Ted.Lemon@nominum.com> Tue, 09 November 2004 19:15 UTC

In-Reply-To: <20041109161546.GC28304@login.ecs.soton.ac.uk>
References: <E0AD8372-3255-11D9-AA52-000A95D6A618@nominum.com> <20041109151735.GH15501@sverresborg.uninett.no> <20041109161546.GC28304@login.ecs.soton.ac.uk>
Mime-Version: 1.0 (Apple Message framework v619)
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Message-Id: <13A8C10A-3282-11D9-AA52-000A95D6A618@nominum.com>
Content-Transfer-Encoding: 7bit
From: Ted Lemon <Ted.Lemon@nominum.com>
Subject: Re: [dhcwg] Lifetime draft: refresh time should never be more than IRT_DEFAULT
Date: Tue, 09 Nov 2004 14:03:44 -0500
To: Tim Chown <tjc@ecs.soton.ac.uk>
Cc: dhcwg@ietf.org

On Nov 9, 2004, at 11:15 AM, Tim Chown wrote:
> Right, but the draft can state the issues and leave it for the admin to
> make an informed choice.

That's not the problem.   The problem is that if we don't specify a 
maximum, a rogue server will be able to give the client bogus 
information and arrange for the client to retain that information until 
the next time the router is rebooted.   This could be quite a useful 
attack.   You can also do this with a DNS query, but I would argue that 
it's harder, because DNS queries are spontaneous, whereas DHCP queries 
are cyclic (particularly if you have, say, a refresh time option... :')



_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg
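As an added example (not code from this thread or from any DHCP implementation), here is a client-side clamp in Python that parses DHCPv6 options and bounds the Information Refresh Time the way this message argues for: a rogue server's huge or "infinite" value cannot make bogus configuration stick until the next reboot. The option code 32, IRT_DEFAULT = 86400 and IRT_MINIMUM = 600 are assumed from the published RFC 4242; the cap at IRT_DEFAULT is the proposal under discussion here, not what the RFC finally mandated.

```python
import struct

OPTION_INFORMATION_REFRESH_TIME = 32   # DHCPv6 option code (RFC 4242), assumed
IRT_DEFAULT = 86400                    # 24 h, used when the option is absent (RFC 4242)
IRT_MINIMUM = 600                      # 10 min floor (RFC 4242)
IRT_INFINITY = 0xFFFFFFFF              # "never refresh" sentinel in the option


def parse_options(payload: bytes) -> dict:
    """Walk a DHCPv6 option list: 2-byte code, 2-byte length, value (network order)."""
    options = {}
    offset = 0
    while offset + 4 <= len(payload):
        code, length = struct.unpack_from("!HH", payload, offset)
        offset += 4
        if offset + length > len(payload):
            raise ValueError("truncated DHCPv6 option %d" % code)
        options[code] = payload[offset:offset + length]
        offset += length
    if offset != len(payload):
        raise ValueError("trailing garbage after options")
    return options


def effective_refresh_time(options: dict, max_refresh: int = IRT_DEFAULT) -> int:
    """Return the refresh interval the client will actually use.

    Absent option -> IRT_DEFAULT. Otherwise the advertised value is floored at
    IRT_MINIMUM (so a server cannot make us hammer it) and capped at max_refresh,
    which is what bounds how long a rogue server's bogus answers can survive.
    """
    raw = options.get(OPTION_INFORMATION_REFRESH_TIME)
    if raw is None:
        return IRT_DEFAULT
    if len(raw) != 4:
        raise ValueError("Information Refresh Time option must be 4 bytes")
    advertised = struct.unpack("!I", raw)[0]   # IRT_INFINITY lands here and gets capped
    return max(IRT_MINIMUM, min(advertised, max_refresh))


def build_option(code: int, value: bytes) -> bytes:
    """Encode one option; used below to construct sample server replies."""
    return struct.pack("!HH", code, len(value)) + value


# Constructed sample: a rogue Reply carrying a bogus DNS server (option 23, one
# IPv6 address) and an "infinite" refresh time, so the client would never re-ask.
ROGUE_REPLY = (build_option(23, bytes.fromhex("20010db8000000000000000000000001"))
               + build_option(OPTION_INFORMATION_REFRESH_TIME, struct.pack("!I", IRT_INFINITY)))
```

With the cap in place the rogue reply still yields a refresh after IRT_DEFAULT seconds, so the bogus DNS server is re-queried rather than kept until the router next reboots.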