Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

神明達哉 <jinmei@wide.ad.jp> Fri, 18 November 2016 19:51 UTC

MIME-Version: 1.0
Sender: jinmei.tatuya@gmail.com
In-Reply-To: <CAJ3w4Ne63cnqoeTZk=PDmAN9+i6jwzyxbK+up45wB9h+xUDSfw@mail.gmail.com>
References: <CAJE_bqebwr2WUUgaNgiYS4_8L77Gxj4Os+oPRG407B6ELMEhCQ@mail.gmail.com> <CAJ3w4Ndi5Gq63n5kZnanRhLM8nWE2wsWGh0kJJLJnq=VoXLuCg@mail.gmail.com> <CAJE_bqegh1DfWjfK2BxeC_fWa0cEk-KJNP0AT-TQuEa39w_wVQ@mail.gmail.com> <CAJ3w4NdM99nv4C19Xj=aosNme+_Ymyys=xQ3UWUfeZReZC4ckA@mail.gmail.com> <CAJE_bqdhGZnK16MooiyujDgthDNnR74EiwW0OevrN6uq4b4ANw@mail.gmail.com> <CAJE_bqfKUZe2yaW1sAq7rrib0M7wz28HHtPLqCHK=vXcN6amgg@mail.gmail.com> <CAJ3w4Nd3s+ZojjiotLkKwys6truhUgK6F-90UYjcpB9iw=fKKQ@mail.gmail.com> <m2r36nuqvn.wl%jinmei.tatuya@gmail.com> <CAJ3w4NeuNYTrX4p5rtZ6UceD5ydQ-B-vY6aqQzxWnXsrDOEFEA@mail.gmail.com> <CAJE_bqdh-bgk7BHZJnaFFBr3PDj4ZnSSGeGNdQ70F7dv91iQrA@mail.gmail.com> <CAJ3w4NfU9PrC9a+MGnJ=Es1yir_asHB3p1=9GfxZZ0iSe+At+Q@mail.gmail.com> <CAJE_bqfRBYkrniWQ+vtPULTURnvyV792QNGvr8JhhZpGQ0MSdA@mail.gmail.com> <CAJ3w4NerRzHYsRqcUAkAjHX23PYVF4Jv0wKcd33vXRRg+-0EAQ@mail.gmail.com> <CAJ3w4NekPk0TuAZW_jmTDYQHd8JP3GsrA0qrKYrnyqSSk3qwxw@mail.gmail.com> <CAJE_bqc8hkrc3dYefTPWi-mUCtZD+oYsrobCK1KjmVGRnNfMCw@mail.gmail.com> <CAJ3w4NejrFAT3RK7i0W46HkQNJjhPxbhzQiL=3fcrceidTzHNQ@mail.gmail.com> <CAJE_bqcCwZWPHuZ0UR8_jyCUsaTrYKzLD8zUKwChYaCL06yT9A@mail.gmail.com> <CAJ3w4NfS8PKOMHcP5s_Nsp5K5eWJfXWRF-vNEau_ekqTRwE=wA@mail.gmail.com> <CAJE_bqfqSXFR9R5wf1USg-zs+nvdohQFq99kQL2DiapXvUdEqA@mail.gmail.com> <CAJ3w4Ncj40JwrW6UB+TVFvymByU5Y9iFv5QroWhwUzkLrS2DTg@mail.gmail.com> <CAJE_bqd38grUh9q57a-H29GsMx5Dpv9VE0iBMO7v_-y97zZZUg@mail.gmail.com> <CAJ3w4Ne63cnqoeTZk=PDmAN9+i6jwzyxbK+up45wB9h+xUDSfw@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
Date: Fri, 18 Nov 2016 11:51:27 -0800
Message-ID: <CAJE_bqceK7YLpMqhgjqrFQh7641a+ZRcnO0F6p6BiM8EMKmA7w@mail.gmail.com>
To: Lishan Li <lilishan48@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/mVLyNjr00iDHkJchJavUcnqr4og>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>
Subject: Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17
Precedence: list

At Fri, 18 Nov 2016 00:56:35 +0800,
Lishan Li <lilishan48@gmail.com> wrote:

> [LS]: Thanks a lot for your explanation.
> Then, for the next step, the transaction-id of Encrypted-Query and
> Encrypted-Response message works as identifier for the public key
> of encryption and private key for decryption.
> When receiving the first Encrypted-Query message, the server has
> to try all the private keys that it might use.
> Could you please check whether my understanding correct?

Hmm...I'm afraid I don't understand your understanding:-)

My understanding of where we are is that we now agree that as of
sedhcpv6-17 the server can't efficiently identify the private key to
decrypt a message in an Encrypted-Query message.

I can think of two possible next steps from here:
1. leave the inefficiency: let the server try all possible private
   keys until it can decrypt the message or conclude no key works.
2. introduce some kind of concept of "key ID" (or "key tag", in which
   case 100% uniqueness isn't required) and have the client include it
   in Encrypted-Query messages.

I personally prefer option #2, but in that case I don't like to
overload the existing transaction-id field for this purpose.

--
JINMEI, Tatuya

[dhcwg] preliminary comments on draft-ietf-dhc-se… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… JINMEI Tatuya / 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… JINMEI Tatuya / 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Bernie Volz (volz)
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… 神明達哉
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li
Re: [dhcwg] preliminary comments on draft-ietf-dh… Ted Lemon
Re: [dhcwg] preliminary comments on draft-ietf-dh… Lishan Li