Re: [dhcwg] Comments on draft-jinmei-dhc-dhcpv6-clarify-auth-00

Stig Venaas <> Tue, 20 July 2004 15:21 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id LAA27438; Tue, 20 Jul 2004 11:21:04 -0400 (EDT)
Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1BmwAa-0004e2-9L; Tue, 20 Jul 2004 11:04:40 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1Bmw3H-0002QU-Km for; Tue, 20 Jul 2004 10:57:07 -0400
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id KAA25869 for <>; Tue, 20 Jul 2004 10:57:05 -0400 (EDT)
Received: from ([]) by with esmtp (Exim 4.33) id 1Bmw3G-0001HW-BO for; Tue, 20 Jul 2004 10:57:17 -0400
Received: from ( [IPv6:2001:700:e000:0:204:75ff:fee4:423b]) by (8.12.10/8.12.10) with ESMTP id i6KEtNV0024308; Tue, 20 Jul 2004 16:55:43 +0200
Received: (from venaas@localhost) by (8.12.8/8.12.8/Submit) id i6KEt8Rn030467; Tue, 20 Jul 2004 16:55:08 +0200
X-Authentication-Warning: venaas set sender to using -f
Date: Tue, 20 Jul 2004 16:55:08 +0200
From: Stig Venaas <>
To: Christian Strauf <>
Subject: Re: [dhcwg] Comments on draft-jinmei-dhc-dhcpv6-clarify-auth-00
Message-ID: <>
References: <1090333421.11056.266.camel@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <1090333421.11056.266.camel@localhost>
User-Agent: Mutt/1.4.1i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
X-Mailman-Version: 2.1.5
Precedence: list
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>

One concern I have is regarding per-client state on the server. I would
like to avoid that if possible.

In 2.1 in the draft it's suggested for 21.4.5.x that:

The server MUST record the identifier of the key selected for the
client so that it can validate further Information-request
messages from the client if the client reuses the same key for the
future exchanges.

I must confess I haven't looked much at DHCP authentication, but I think
it's nice to prevent per-client state for "stateless" (RFC3736) DHCP
servers if possible.

Wouldn't it be possible to pass some sort of key id to the client,
which the client can include in future exchanges? The server could
perhaps have a fixed mapping between key id's and keys, and based
on the id, the server knows which key to use. I'm not sure if you
see what I mean, but my idea is if possible to keep the necessary
state in the clients rather than the servers. Might this be
possible? Or would there be security problems?

Using assymetric crypto one could easily have just one fixed key
for all messages sent by the client. But I guess that might make
the server vulnerable to DoS attacks.

For stateless I think it's generally enough to authenticate the DHCP
server. In most cases I don't think it's important to guard against
replay, or to authenticate the client. That could perhaps simplify
the security mechanism. It's relatively easy to guard against replay
anyway though.


dhcwg mailing list