[dhcwg] status of draft-ietf-dhc-agent-subnet-selection
Thomas Narten <narten@us.ibm.com> Tue, 08 October 2002 18:01 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA24201 for <dhcwg-archive@odin.ietf.org>; Tue, 8 Oct 2002 14:01:48 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id g98I3R319938 for dhcwg-archive@odin.ietf.org; Tue, 8 Oct 2002 14:03:27 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g98I3Rv19935 for <dhcwg-web-archive@optimus.ietf.org>; Tue, 8 Oct 2002 14:03:27 -0400
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA24190 for <dhcwg-web-archive@ietf.org>; Tue, 8 Oct 2002 14:01:17 -0400 (EDT)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g98I0lv19801; Tue, 8 Oct 2002 14:00:48 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g98Hq0v19357 for <dhcwg@optimus.ietf.org>; Tue, 8 Oct 2002 13:52:00 -0400
Received: from e35.co.us.ibm.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA23692 for <dhcwg@ietf.org>; Tue, 8 Oct 2002 13:49:50 -0400 (EDT)
Received: from westrelay03.boulder.ibm.com (westrelay03.boulder.ibm.com [9.17.194.24]) by e35.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id g98Hphxf074112; Tue, 8 Oct 2002 13:51:43 -0400
Received: from rotala.raleigh.ibm.com (rotala.raleigh.ibm.com [9.27.12.14]) by westrelay03.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id g98Hpgtr019142; Tue, 8 Oct 2002 11:51:42 -0600
Received: from rotala.raleigh.ibm.com (narten@localhost) by rotala.raleigh.ibm.com (8.11.6/8.11.6) with ESMTP id g98Ho1b27921; Tue, 8 Oct 2002 13:50:01 -0400
Message-Id: <200210081750.g98Ho1b27921@rotala.raleigh.ibm.com>
To: Kim Kinnear <kkinnear@cisco.com>
cc: rdroms@cisco.com, dhcwg@ietf.org
In-Reply-To: Message from Kim Kinnear <kkinnear@cisco.com> of "Mon, 07 Oct 2002 10:59:40 EDT." <4.3.2.7.2.20021007105541.058707d0@goblet.cisco.com>
Date: Tue, 08 Oct 2002 13:50:01 -0400
From: Thomas Narten <narten@us.ibm.com>
Subject: [dhcwg] status of draft-ietf-dhc-agent-subnet-selection
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Hi Kim. > I was trying to recover some lost ground and figure out where the > drafts which I am editing are in the process. The following mail > is the last on the subject of the subnet-selection sub-option > that I can find in my mail archives. This document is tied up in IESG unhappiness with the WGs dealing with security issues. Basically, the IESG thinks that the overall security model of relay agent option is rather inadequate (it assumes that the entire network from the relay agent to the DHC servers is trustable/secure). This is not a new issue; it was a concern back when the original relay agent option document was approved. However, the WG keeps sending new relay agent options to the IESG without also working on the security model. One thing that was pointed out was that other WGs have been told flat out "no approval until you get a realistic security story". So, the issue that was raised was why should the DHC WG be held to a lesser standard. What the IESG wants to see is a credible story for the WG will get deployable/useable DHC security. In the case of the relay agent option, the technical issues seem fairly straightforward. Because relay-agents need to be configured, and because relay agents only need to talk (securely) with DHC servers, the key distribution problem can be handled via static keys/configuration. Bottom line: the IESG wants an updated charter that has a reasonable story for getting better security, together with an indication that there is meat behind the wording (e.g., a draft, and/or a design team that includes security clueful folk, etc.) Thomas _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] stalled (?) dhc WG documents Thomas Narten
- Re: [dhcwg] stalled (?) dhc WG documents Kim Kinnear
- Re: [dhcwg] stalled (?) dhc WG documents Thomas Narten
- [dhcwg] status of draft-ietf-dhc-agent-subnet-sel… Thomas Narten