Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 - Respond by Nov 3, 2014

"Templin, Fred L" <Fred.L.Templin@boeing.com> Wed, 29 October 2014 20:03 UTC

From: "Templin, Fred L" <Fred.L.Templin@boeing.com>
To: 神明達哉 <jinmei@wide.ad.jp>
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/nYWAmY7j2a6aU1MQi7LY0k-wD-I
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, "Bernie Volz (volz)" <volz@cisco.com>

Hi,

> -----Original Message-----
> From: jinmei.tatuya@gmail.com [mailto:jinmei.tatuya@gmail.com] On Behalf Of 神明達哉
> Sent: Wednesday, October 29, 2014 10:58 AM
> To: Templin, Fred L
> Cc: Sheng Jiang; Bernie Volz (volz); dhcwg@ietf.org
> Subject: Re: [dhcwg] WGLC for draft-ietf-dhc-sedhcpv6-04 - Respond by Nov 3, 2014
> 
> At Tue, 28 Oct 2014 14:56:35 +0000,
> "Templin, Fred L" <Fred.L.Templin@boeing.com> wrote:
> 
> > > This version has provided a certificate-based mechanism for the client to be authenticated by the server. It is assuming the client has a
> > > certificate honored by the server.
> >
> > Right, I saw that but help me out here. If the client claims a DUID, is the certificate
> > proof enough that the client is the authorized owner of the DUID?
> 
> In my understanding it's not guaranteed by the described protocol: any
> client that has a valid certificate can "steal" someone else's DUID
> in a signed DHCPv6 message that will be validated.

Thanks for this useful explanation. In my scenario, clients can trust their servers
by leap-of-faith because there is another trust basis for assuring the client that
the server is authorized to act as a server. However, the server needs some way
of knowing that clients that pass authentication are actually authorized to receive
the resources they are asking for.

Take for example a client C1 that provides a valid certificate but includes a DUID
corresponding to client C2 in a DHCPv6 PD Request. Will the server return an
IA_PD to client C1 that includes a prefix that is intended for client C2? That is
the scenario I need to defend against.

> Enforcing it could be part of the server implementation/configuration,
> though.

Enforce by linking the client's certificate to its DUID? Something else?

Thanks - Fred
fred.l.templin@boeing.com

> --
> JINMEI, Tatuya
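
One way a server could enforce the certificate-to-DUID link raised in this message, as an added example that is not part of the original thread or of draft-ietf-dhc-sedhcpv6. The class name, the decision strings and the sample DUIDs and certificate bytes are assumptions made for illustration; the check is assumed to run only after the message signature and certificate have already been validated.

```python
import hashlib
import hmac

class DuidBindingPolicy:
    """Hypothetical server-side policy: a DUID may only be used with the
    certificate it is bound to. Runs after signature validation succeeded."""

    def __init__(self, provisioned=None, allow_first_use=False):
        # DUID (bytes) -> SHA-256 fingerprint of the certificate bound to it
        self.by_duid = dict(provisioned or {})
        self.by_cert = {fp: duid for duid, fp in self.by_duid.items()}
        self.allow_first_use = allow_first_use

    @staticmethod
    def fingerprint(cert_der):
        return hashlib.sha256(cert_der).digest()

    def authorize(self, duid, cert_der):
        fp = self.fingerprint(cert_der)
        bound = self.by_duid.get(duid)
        if bound is not None:
            # Known DUID: only its bound certificate may use it.
            if hmac.compare_digest(bound, fp):
                return "accept"
            return "reject: DUID bound to another certificate"
        if fp in self.by_cert:
            # Known certificate presenting a different, unbound DUID.
            return "reject: certificate bound to another DUID"
        if not self.allow_first_use:
            return "reject: unknown DUID"
        # Leap of faith: record the first certificate seen for this DUID.
        self.by_duid[duid] = fp
        self.by_cert[fp] = duid
        return "accept"

# Constructed sample values (stand-ins for real DUIDs and DER certificates).
DUID_C1 = bytes.fromhex("000300010a0000000001")
DUID_C2 = bytes.fromhex("000300010a0000000002")
CERT_C1, CERT_C2 = b"constructed-cert-C1", b"constructed-cert-C2"

def demo():
    policy = DuidBindingPolicy({
        DUID_C1: DuidBindingPolicy.fingerprint(CERT_C1),
        DUID_C2: DuidBindingPolicy.fingerprint(CERT_C2),
    })
    return [
        policy.authorize(DUID_C1, CERT_C1),  # C1 with its own DUID
        policy.authorize(DUID_C2, CERT_C1),  # C1 claiming C2's DUID
    ]
```

Binding to the whole-certificate fingerprint means a renewed certificate has to be re-provisioned; binding to the subject public key instead would survive renewal with the same key.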