IETF Logo Mail Archive

Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

Lishan Li <lilishan48@gmail.com> Thu, 03 November 2016 08:36 UTC

Return-Path: <lilishan48@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8766129478 for <dhcwg@ietfa.amsl.com>; Thu, 3 Nov 2016 01:36:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QLdmRol3oUZu for <dhcwg@ietfa.amsl.com>; Thu, 3 Nov 2016 01:36:48 -0700 (PDT)
Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF6BF1204D9 for <dhcwg@ietf.org>; Thu, 3 Nov 2016 01:36:47 -0700 (PDT)
Received: by mail-qk0-x22c.google.com with SMTP id n204so37757444qke.2 for <dhcwg@ietf.org>; Thu, 03 Nov 2016 01:36:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=41QWqVLZUDqUrqll5stKKOeI0oIWnS23kc8YWH9VxLw=; b=HNEKLazrjTfo5rSiXIEpPS7m3hHF+xWgMDOLzxOm1g4OyLGFi7bf/+1+Nqwgfh4iym DegTFpgy2CMcf/HpYh3lBoVJT1zrQFUBXe4Vcxjg+prHsi8USWdhLmnb2q2SK+cg+9FP s2TI8ZyiSMyv8a6UGb/Lx/3+K9HQbHyu1bj0YoMAkQZrw8TW1NsPiiL2TLJMB+61MzxA Jd1O64hXr8xPDJx0vIIEhZrqB2QCuceGOBFUstyNf4Q6WGbRp9FQpwG+66RJdQQO1Nkf U0ToRhGwLn7ASDMzMtTDJvPCGJ9YDCjP7rm+QGm1l6tRCz0h60lci0nCE2bdZ5HDTEsv ii2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=41QWqVLZUDqUrqll5stKKOeI0oIWnS23kc8YWH9VxLw=; b=LxKOL4XRx8IOVNXWSinQXhArkLdiMdUvCmHUuuZQs1Jy65rh31YxUn/9UnQHDdooh9 hCwCGKEtT+SbqXABDXDeP0UKuRsd0sX7UQSHKEZSB6G/PCq09XWW1u6dBf/C32d3B0lE e4DsFHaFngRvVsvm4QXTxSE1XBMgaxSaKTKNDUe2cCqE+9hf/0yE9+63wTUaWMv6NBKT OzRfQVmObnwD8/SjgyLQyeynQpAs3Cx51DFy/dzWWOSDpz1Vxo8MayYAjsyAhRwHEN9s w5GK0BukZ/hrovYd/9ZYwMBlS02PmYiI9jgCpr0YHPvM8AETGdLCFbPs/SKcgpOIR8l9 OkIw==
X-Gm-Message-State: ABUngvd76ObhnRHxBSO5ar4xSLR6Fgeebs86WvpR6W166pWxYa/zbwCsQ5DCbXk7GN2LHieRShYHsH522P04dg==
X-Received: by 10.55.48.72 with SMTP id w69mr7376024qkw.320.1478162206938; Thu, 03 Nov 2016 01:36:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.237.62.242 with HTTP; Thu, 3 Nov 2016 01:36:46 -0700 (PDT)
In-Reply-To: <CAJE_bqebwr2WUUgaNgiYS4_8L77Gxj4Os+oPRG407B6ELMEhCQ@mail.gmail.com>
References: <CAJE_bqebwr2WUUgaNgiYS4_8L77Gxj4Os+oPRG407B6ELMEhCQ@mail.gmail.com>
From: Lishan Li <lilishan48@gmail.com>
Date: Thu, 03 Nov 2016 16:36:46 +0800
Message-ID: <CAJ3w4Ndi5Gq63n5kZnanRhLM8nWE2wsWGh0kJJLJnq=VoXLuCg@mail.gmail.com>
To: 神明達哉 <jinmei@wide.ad.jp>
Content-Type: multipart/alternative; boundary="001a114908be43dd8105406175da"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/hb-3Mi4MbxITdWzc-vY62GFgX4c>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>
Subject: Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Nov 2016 08:36:50 -0000

2016-11-02 5:52 GMT+08:00 神明達哉 <jinmei@wide.ad.jp>:

> I have a couple of higher-level comments on draft-ietf-dhc-sedhcpv6-17.
>
> 1. I still disagree with the following restriction described in
>  Section 5.4:
>
>    For the privacy consideration, we have to give up the
>    previous server selection feature.
>
>  Especially now that rfc3315bis is going to deprecate the delayed
>  authentication protocol and sedhcpv6 will become the only current
>  candidate to provide security for DHCPv6, I believe it should cover
>  all basic features of DHCPv6 including "the previous server selection
>  feature".  There is at least one way to support this feature
>  (although it's operationally restrictive): share the same
>  private/public key pairs by multiple servers that may respond to the
>  same Solicit.  As far as I can see there's nothing in this
>  specification that prohibits this operation (unlike an earlier
>  version of the spec, we don't include the server ID option in
>  the Encrypted-Query message for a Solicit).  Also the following
>  sentence in Section 10 seems to assume this operation:
>
>    It should be noted that the selected certificate may
>    correspond to multiple DHCPv6 servers.
>
[LS]: Agree to what you said. The current version does not prohibits
this operation. This sentence should be deleted.

>
> 2. Algorithm negotiation still doesn't make much sense to me.  I have
>    many questions and concerns related to this point, but instead of
>    raising each of these, I'd suggest one specific alternative to
>    consider: have the client send a list of supported algorithms in
>    the initial Information-Request, and let the server choose one set
>    of them and keep using the same set.  This way we don't have to
>    worry about an "algorithm not supported" error in the middle of a
>    DHCPv6 session (as a corollary, we don't have to worry about how to
>    return an encrypted reply when the client's preferred encryption
>    algorithm isn't supported by the server).  An obvious downside of
>    this is that it reveals some information of the client (the list of
>    supported/preferred algorithms), but IMO this is acceptable.
>
[LS]: In the current version, the server firstly sends a list of supported
algorithms through the Reply message. Then the client processes it
according to the following method:
"If the checks fails, the Reply message is dropped.  If the
hash algorithm field is zero, then it indicates that the hash
algorithm is fixed according to the corresponding signature
algorithm.  If all the algorithms are supported, then the client
selects one hash algorithm, signature algorithm and encryption
algorithm from the provided algorithms set.  And then the client also
uses the same algorithms in the return messages."
So it is not possible that the the server does not support the
acknowledged algorithms. So we also don't need to worry
about how to return an encrypted Reply when the client's
preferred encryption algorithm isn's supported by the server.
Could you please check whether my understanding correct?

Best Regards,
Lishan

v2.23.0 | Report a Bug | By Email