Re: [dhcwg] Re: AD review of draft-ietf-dhc-dhcpv6-opt-prefix-delegation-03.txt

Ole Troan <ot@cisco.com> Fri, 08 August 2003 15:46 UTC

To: Thomas Narten <narten@us.ibm.com>
Cc: Ralph Droms <rdroms@cisco.com>, dhcwg@ietf.org
Subject: Re: [dhcwg] Re: AD review of draft-ietf-dhc-dhcpv6-opt-prefix-delegation-03.txt
References: <200308081526.h78FQ711011535@rotala.raleigh.ibm.com>
From: Ole Troan <ot@cisco.com>
Date: Fri, 08 Aug 2003 16:44:59 +0100
In-Reply-To: <200308081526.h78FQ711011535@rotala.raleigh.ibm.com> (Thomas Narten's message of "Fri, 08 Aug 2003 11:26:07 -0400")
Message-ID: <7t58yq48878.fsf@mrwint.cisco.com>

Thomas,

>> two options, either we remove the below paragraph altogether, and if
>> ever DHCP with IPsec gets defined elsewhere that would also apply to
>> these options, or we change the paragraph to say that if the
>> requesting and delegated routers have configured addresses or are
>> directly connected then IPsec may be used.
>
> IPsec can be used whenever the two nodes have addresses and can set
> up an SA between each. I don't see why one needs to mention anything
> beyond that (e.g., saying directly connected)

agree.

>>    Because a requesting router and delegating routers must each have
>>    at least one assigned IPv6 address, the routers may be able to use
>>    IPsec for authentication of DHCPv6 messages.  The details of using
>>    IPsec for DHCPv6 are under development.
>
> I'm OK with the "may". But (as I thought I'd mentioned before), the
> words "because a RR and DR must each have at least one assigned IPv6
> address" make me nervous because I'm not sure what is meant (or if
> something is meant that I don't think is correct).

just trying to say what you've so eloquently said below.

> If they mean addresses other than LL, that is not a
> requirement. Presumably this option can be used when booting and
> obtaining addresses, i.e., as DHC is intended to be used.
>
> Can you say something like:
>
>     If the requesting router and delegating routers have addresses
>     configured that allow them to communicate directly with each
>     other, they may be able to use IPsec for authentication of DHCPv6
>     messages.  The details of using IPsec for DHCPv6 are under
>     development.

yes, well put.

cheers,
Ole
