Re: [dhcwg] IPsec for DHCPv6 client ?

Ted Lemon <Ted.Lemon@nominum.com> Tue, 10 September 2002 00:35 UTC

Date: Mon, 09 Sep 2002 20:28:24 -0400
Subject: Re: [dhcwg] IPsec for DHCPv6 client ?
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Mime-Version: 1.0 (Apple Message framework v543)
Cc: dhcwg@ietf.org
To: Jean-Mickael Guerin <jean-mickael.guerin@6wind.com>
From: Ted Lemon <Ted.Lemon@nominum.com>
In-Reply-To: <3D7C9A23.2080701@6wind.com>
Message-Id: <37E52D8A-C454-11D6-8C0A-00039367340A@nominum.com>

> Why is it not proposed to use IPsec to secure communications between
> clients and servers with some restrictions, i.e. installation of
> static keys as a shared secret, in intra-domain?

Because in general we don't expect that such a security association
would exist. In general, you are plugging a device into the network,
and you want it to work - you don't want to have to configure it before
you plug it in. If you wanted that, you wouldn't be using DHCP,
right? The only plausible exception I can come up with is a cell
phone, where perhaps the provider would install an IPsec key in the
phone. But even then, I'm skeptical that it could be made to work the
way you describe.
