Re: [dhcwg] Commentsondraft-cadar-dhc-dhcpv6-opt-email-00.txt/draft-cadar-dhc-opt-imap-00.txt
"David W. Hankins" <David_Hankins@isc.org> Thu, 10 March 2005 15:45 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA27143 for <dhcwg-web-archive@ietf.org>; Thu, 10 Mar 2005 10:45:40 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D9Ptt-0006Ph-3F for dhcwg-web-archive@ietf.org; Thu, 10 Mar 2005 10:48:38 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D9Pop-0004UE-NG; Thu, 10 Mar 2005 10:43:23 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D9Poo-0004U7-89 for dhcwg@megatron.ietf.org; Thu, 10 Mar 2005 10:43:22 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA26829 for <dhcwg@ietf.org>; Thu, 10 Mar 2005 10:43:19 -0500 (EST)
Received: from farside.isc.org ([204.152.187.5]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D9Prd-0006HY-KC for dhcwg@ietf.org; Thu, 10 Mar 2005 10:46:17 -0500
Received: by farside.isc.org (Postfix, from userid 10200) id 1FD40677F8; Thu, 10 Mar 2005 15:43:21 +0000 (UTC)
Date: Thu, 10 Mar 2005 15:43:21 +0000
From: "David W. Hankins" <David_Hankins@isc.org>
To: dhcwg@ietf.org
Subject: Re: [dhcwg] Commentsondraft-cadar-dhc-dhcpv6-opt-email-00.txt/draft-cadar-dhc-opt-imap-00.txt
Message-ID: <20050310154320.GB49693@isc.org>
References: <421CB3B9B2D2F645B548D213C0A90E5501168D0C@edgmsmsg01.eu.thmulti.com> <200503082231.APQ72270@flask.cisco.com> <20050308231750.GB15202@storhaugen.uninett.no>
Mime-Version: 1.0
In-Reply-To: <20050308231750.GB15202@storhaugen.uninett.no>
User-Agent: Mutt/1.4.2.1i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1301256257=="
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f607d15ccc2bc4eaf3ade8ffa8af02a0
Before I forget... We discussed in the WG meeting (5 minutes ago) today that there are many security considerations for this draft. In addition to the obvious denial-of-service or man-in-the-middle opportunity (which one might point out is already present at a visited network, but is more pervasive since any host may respond to a DHCPINFORM containing such an option so it need not be the site's administration), a laptop visiting another network, may be offered an SMTP server that does not support SSL/TLS, or MAY require username/password authorization in order to accept mail (and the user may not realize what password they are being asked to provide). Either scenario may expose information the user would rather keep private. -- David W. Hankins "If you don't do it right the first time, Operations Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins
_______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- RE: [dhcwg] Comments ondraft-cadar-dhc-dhcpv6-opt… Van Aken Dirk
- RE: [dhcwg] Commentsondraft-cadar-dhc-dhcpv6-opt-… Bernie Volz
- Re: [dhcwg] Commentsondraft-cadar-dhc-dhcpv6-opt-… Stig Venaas
- Re: [dhcwg] Commentsondraft-cadar-dhc-dhcpv6-opt-… David W. Hankins