[dhcwg] Re: Fw: New Version Notification for draft-woodworth-dhcp-dwirm-00.txt

"JW ,\\ John Woodworth" <jw@pcthink.com> Tue, 04 November 2025 23:35 UTC

Date: Tue, 04 Nov 2025 18:35:15 -0500
In-Reply-To: <IA0PR02MB9702E5E7C6CBCBBA1CC6794C82C7A@IA0PR02MB9702.namprd02.prod.outlook.com>
Importance: normal
From: "JW ,\\ John Woodworth" <jw@pcthink.com>
To: "dhcwg@ietf.org" <dhcwg@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>
CC: jw@pcthink.com, "Woodworth, John R" <John.Woodworth@lumen.com>
List-Id: Dynamic Host Configuration Working Group <dhcwg.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/gfW7ynf28ivbyGvkZN6Qeh1LFAs>

Good evening, fellow members,

I appreciate your time and feedback during this afternoon's presentation. I will work with my co-authors to prepare another draft for the mailing lists, and look forward to more great discussion.

Best,
John

-------- Original message --------
From: "Woodworth, John R" <John.Woodworth@lumen.com>

Good evening,

Apologies for the delay in bringing this to the groups' attention, but I am looking forward to discussing this in the int-area session on Tuesday. I've included some feedback we received from Bernie Volz at the end of this announcement and welcome any additional feedback the group has to offer.

Best,
John

From: internet-drafts@ietf.org <internet-drafts@ietf.org>




A new version of Internet-Draft draft-woodworth-dhcp-dwirm-00.txt has been successfully submitted by John Woodworth and posted to the IETF repository.

Name:     draft-woodworth-dhcp-dwirm
Revision: 00
Title:    Defend the World from IoT Remote-threats & Malware
Date:     2025-10-20
Group:    Individual Submission
Pages:

URL:      https://www.ietf.org/archive/id/draft-woodworth-dhcp-dwirm-00.txt
Status:   https://datatracker.ietf.org/doc/draft-woodworth-dhcp-dwirm/
HTML:     https://www.ietf.org/archive/id/draft-woodworth-dhcp-dwirm-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-woodworth-dhcp-dwirm

Abstract:

   Internet of Things (IoT) devices are commonly added to home networks without fully understanding which services (hosts, ports, protocols) are being provided or consumed for those devices to operate. As a result, they are essentially unmanaged threats with full access to that network and the internet. The Defend the World from IoT Remote-threats & Malware (DWIRM) extension to DHCP provides a framework for IoT devices to negotiate services that the local router in turn enforces as policy.

The IETF Secretariat





--


From: Bernie Volz <bevolz@gmail.com>
Subject: Re: IETF124 presentation

If you proceed with your approach, you likely should consider adding a dhcp (bootp) option that a client can send in the parameter request list to learn whether a server supports your new feature (message). That avoids these messages ever being sent on networks that don’t support the capability.

Client does normal dhcp, includes the option in the PRL. If server supports, it responds with option. If client receives option, it then sends new message to request the data. New option here is just a signal-no data.

Refer to https://datatracker.ietf.org/doc/rfc9686/ (dhcpv6 work) as this technique is used there.

You will also need to fill in more about exactly what these new messages contain and how all your data is formatted.

One nice thing about the MUD option is that only URL is communicated and that can usually just be a new option that likely fits in existing packets. Also, the larger data is exchanged with http(s) and thus not limited by single packet size. But, yes it does require more infrastructure on the IoT device (though that isn’t as big an issue these days as compared to more limited devices in the past).

Anyway, likely would be better to move this whole discussion to dhc wg mailing list so others can benefit. And they may have useful input/comments. Feel free to use my messages if you do move discussion.

- Bernie






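The capability check Bernie Volz describes above (the client lists a signal option in the Parameter Request List, a supporting server echoes it with no data, and only then does the client send the new message), as an added example that is not part of the thread or the draft. Option code 224 is a placeholder from the DHCPv4 private-use range, since no code point appears in the thread, and the new DWIRM message itself is not modelled because its format is not given here.

```python
MAGIC_COOKIE = b"\x63\x82\x53\x63"            # DHCPv4 options magic cookie (RFC 2131)
OPT_PAD, OPT_MSG_TYPE, OPT_PRL, OPT_END = 0, 53, 55, 255
OPT_DWIRM_SIGNAL = 224                        # hypothetical placeholder, not an assigned code

def encode_options(opts):
    """Serialise [(code, value_bytes), ...] as a DHCPv4 options field."""
    out = bytearray(MAGIC_COOKIE)
    for code, value in opts:
        out += bytes([code, len(value)]) + value
    out.append(OPT_END)
    return bytes(out)

def parse_options(field):
    """Parse an options field into {code: value}; reject malformed TLVs."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("missing magic cookie")
    opts, i = {}, 4
    while i < len(field):
        code = field[i]
        if code == OPT_END:
            return opts
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError("truncated option header")
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option overruns field")
        opts[code] = value
        i += 2 + length
    raise ValueError("no END option")

def client_discover_options():
    """DHCPDISCOVER options: the usual PRL plus the signal option code."""
    prl = bytes([1, 3, 6, OPT_DWIRM_SIGNAL])  # subnet mask, router, DNS, signal
    return encode_options([(OPT_MSG_TYPE, b"\x01"), (OPT_PRL, prl)])

def server_offer_options(request_field, supports_dwirm):
    """DHCPOFFER options: echo the signal only if requested and supported."""
    prl = parse_options(request_field).get(OPT_PRL, b"")
    reply = [(OPT_MSG_TYPE, b"\x02")]
    if supports_dwirm and OPT_DWIRM_SIGNAL in prl:
        reply.append((OPT_DWIRM_SIGNAL, b""))  # zero length: a signal, no data
    return encode_options(reply)

def client_may_send_dwirm(offer_field):
    """The new message is sent only when the server echoed the signal."""
    return OPT_DWIRM_SIGNAL in parse_options(offer_field)
```

On a network whose server does not echo the option, `client_may_send_dwirm` returns False and the new message never goes on the wire.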