Re: [dhcwg] WGLC on draft-ietf-dhc-sedhcpv6-21 - summary
Lishan Li <lilishan48@gmail.com> Wed, 19 April 2017 13:46 UTC
From: Lishan Li <lilishan48@gmail.com>
Date: Wed, 19 Apr 2017 21:45:56 +0800
Message-ID: <CAJ3w4NcCwUS2CAk=C6wfz+6vJViTPmevBQgCgiH1obbNxcxfbA@mail.gmail.com>
To: "Templin, Fred L" <Fred.L.Templin@boeing.com>
Cc: Tomek Mrugalski <tomasz.mrugalski@gmail.com>, dhcwg <dhcwg@ietf.org>, draft-ietf-dhc-sedhcpv6 authors <draft-ietf-dhc-sedhcpv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/mJNJjUjEVVvFeZKRGBDx_Tls_ts>

Hi,

I have considered this problem. Yes, secure DHCPv6 is incompatible with SAVI. If secure DHCPv6 is implemented, SAVI cannot work well and has to be updated.

Best Regards,
Lishan

On April 19, 2017, at 9:41 PM, Templin, Fred L <Fred.L.Templin@boeing.com> wrote:

Hi,

RFC7513 seems to suggest DHCP snooping, i.e., some L2 device on the link from the DHCP server or relay to the client examines the contents of DHCP messages. Unfortunately, sedhcpv6 mandates encryption, making snooping impossible. Does it mean that Secure DHCPv6 will be incompatible with SAVI?

Thanks - Fred
fred.l.templin@boeing.com

-----Original Message-----
From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Tomek Mrugalski
Sent: Wednesday, April 05, 2017 12:07 PM
To: dhcwg <dhcwg@ietf.org>
Cc: draft-ietf-dhc-sedhcpv6 authors <draft-ietf-dhc-sedhcpv6@ietf.org>
Subject: [dhcwg] WGLC on draft-ietf-dhc-sedhcpv6-21 - summary

It took a little bit more than planned, but the extra time gave us a couple more comments. We did receive a number of in-depth reviews with technical comments. In general, several people praised the significantly improved quality and clarity of the document. Nobody said that they are opposed to this work. So from that perspective this last call is a success.

However, both chairs and at least one co-author feel that an important concern has not been addressed yet. There currently are no known implementations or prototypes of this draft. For a typical DHCP draft that adds an option or two that would probably be fine, but for this particular draft it is not, for two reasons. First, we feel that this is an essential piece of the whole DHCPv6 ecosystem and as such requires much more scrutiny than an average draft. Second, security is a complex matter and any unclear aspects would gravely damage the interoperability. Jinmei had put it well: "I suspect the current spec still has some points that are critically unclear, which you would immediately notice once you tried to implement it."

Given that, we declare that more effort is needed before this work is deemed ready for IESG. At the same time, chairs would like to strongly applaud authors' efforts to improve this work. This version is significantly better than its predecessors. Thank you for your hard work. You are doing excellent work. Please continue.

Also, to address the concern of missing implementations, chairs would like to announce a DHCP hackathon in Prague. Details are TBD, but the primary goal will be to have at least two independent implementations of that draft. The hackathon will take place the weekend before the IETF meeting (that's July 15-16). A separate announcement will be sent soon. That is well over 3 months away. Authors and supporters of this work, please seriously consider dedicating some of your time to implementing prototypes and attending the hackathon, if you can. If you can't, we will organize some means for participating remotely.

Thank you to the authors and to everyone who commented.

Bernie & Tomek